Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 7:18 p.m.9 views

CVE-2022-0415

Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6...

9.9CVSS6.9AI score0.65237EPSS
Exploits1References1
Huntr
Huntr
added 2022/06/06 4:9 p.m.186 views

Bypass to Remote Command Execution in uploading repository file

Description I find a bypass for CVE-2022-0415 and previous fixs. In the fix of CVE-2022-0415, gogs filter /.git/ by strings.HasSuffix and strings.Contains. However, use /.Git/ can bypass this and upload successfully Proof of Concept Create a repository in Gogs, upload a file config to the...

7.5CVSS8.6AI score0.97839EPSS
Exploits2
Check Point Advisories
Check Point Advisories
added 2022/05/17 12:0 a.m.42 views

Gogs File Upload Command Injection (CVE-2022-0415)

A command injection vulnerability exists in Gogs File Upload. Successful exploitation of this vulnerability could result in code execution on the affected system...

6.5CVSS3AI score0.65237EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2022/03/21 11:15 a.m.6 views

CVE-2022-0415

Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6...

9.9CVSS7.8AI score0.65237EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2022/03/21 11:15 a.m.49 views

CVE-2022-0415

Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6...

9.9CVSS7.2AI score0.65237EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2022/03/21 11:15 a.m.57 views

CVE-2022-0415

Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6...

9.9CVSS2.3AI score0.65237EPSS
Exploits1
Cvelist
Cvelist
added 2022/03/21 10:45 a.m.31 views

CVE-2022-0415 Remote Command Execution in uploading repository file in gogs/gogs

Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6...

9.9CVSS9.2AI score0.65237EPSS
Exploits1References2
OSV
OSV
added 2022/03/21 10:45 a.m.23 views

CVE-2022-0415 Remote Command Execution in uploading repository file in gogs/gogs

Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6...

9.9CVSS9.2AI score0.65237EPSS
Exploits1References4
CVE
CVE
added 2022/03/21 10:45 a.m.175 views

CVE-2022-0415

Gogs (Go Git Service) before version 0.12.6 is vulnerable to Remote Command Execution via uploading a repository file. The issue allows an attacker to execute arbitrary commands on the server through the repository upload process in gogs/gogs, potentially leading to full system compromise. The fi...

9.9CVSS8.8AI score0.65237EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder