4 matches found
CVE-2022-32176
creationtimestamp| type| source ---|---|--- 2022-10-17 22:13:21+00:00| seen| https://t.me/cibsecurity/51624 2025-05-10 03:26:14+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15881...
CVE-2022-32176
Gin-Vue-Admin is affected in versions v2.5.1 through v2.5.3b by an Unrestricted File Upload through the Media Library’s Compress Upload feature, enabling JavaScript execution and exposure of admin cookies, which can lead to account takeover. Root cause: insufficient restriction of file uploads. I...
CVE-2022-32176 Gin-vue-admin - Unrestricted File Upload
In "Gin-Vue-Admin", versions v2.5.1 through v2.5.3b are vulnerable to Unrestricted File Upload that leads to execution of javascript code, through the "Compress Upload" functionality to the Media Library. When an admin user views the uploaded file, a low privilege attacker will get access to the...
CVE-2022-32176 Gin-vue-admin - Unrestricted File Upload
In "Gin-Vue-Admin", versions v2.5.1 through v2.5.3b are vulnerable to Unrestricted File Upload that leads to execution of javascript code, through the "Compress Upload" functionality to the Media Library. When an admin user views the uploaded file, a low privilege attacker will get access to the...