VulnCheck KEV: CVE-2022-32409

A local file inclusion LFI vulnerability in the component codemirror.php of Portal do Software Publico Brasileiro i3geo v7.0.5 allows attackers to execute arbitrary PHP code via a crafted HTTP request...

CVE-2022-32409

CVE-2022-32409 affects Portal do Software Publico Brasileiro i3geo 7.0.5, with a local file inclusion in codemirror.php that allows arbitrary PHP code execution via a crafted HTTP request. Root cause: LFI in codemirror.php. Impact is reported as critical (CVSS 3.1: 9.8, HIGH confidentiality/ inte...