Lucene search
PRIOn knowledge basePRION:CVE-2022-23626HistoryFeb 08, 2022 - 10:15 p.m.
Design/Logic Flaw
2022-02-0822:15:00
PRIOn knowledge base
www.prio-n.com
9
m1k1o/blog is a lightweight self-hosted facebook-styled PHP blog. Errors from functions imagecreatefrom* and image* have not been checked properly. Although PHP issued warnings and the upload function returned false, the original file (that could contain a malicious payload) was kept on the disk. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.
Related
nvd
nvd
CVE-2022-23626
2022-02-08 22:15:07
cvelist
cvelist
CVE-2022-23626 Insufficient file checks in m1k1o/blog
2022-02-08 22:00:12
osv
osv
CVE-2022-23626
2022-02-08 22:15:07
packetstorm
packetstorm
m1k1o's Blog 1.3 Remote Code Execution
2022-05-23 00:00:00
zdt
zdt
m1k1o Blog v.10 - Remote Code Execution Exploit
2022-05-24 00:00:00
cve
cve
CVE-2022-23626
2022-02-08 22:15:07
exploitdb
exploitdb
m1k1o's Blog v.10 - Remote Code Execution (RCE) (Authenticated)
2022-05-23 00:00:00