5 matches found
CVE-2022-45771
An issue in the /api/audits component of Pwndoc v0.5.3 allows attackers to escalate privileges and execute arbitrary code via uploading a crafted audit file...
CVE-2022-45771
An issue in the /api/audits component of Pwndoc v0.5.3 allows attackers to escalate privileges and execute arbitrary code via uploading a crafted audit file...
Design/Logic Flaw
An issue in the /api/audits component of Pwndoc v0.5.3 allows attackers to escalate privileges and execute arbitrary code via uploading a crafted audit file...
PT-2022-27641 · Pwndoc · Pwndoc
Name of the Vulnerable Software and Affected Versions: Pwndoc version 0.5.3 Description: An issue in the "/api/audits" component allows attackers to escalate privileges and execute arbitrary code via uploading a crafted audit file. Recommendations: For Pwndoc version 0.5.3, consider disabling the...
CVE-2022-32974
An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials...