Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:44 a.m.8 views

CVE-2022-23626

m1k1o/blog is a lightweight self-hosted facebook-styled PHP blog. Errors from functions imagecreatefrom and image have not been checked properly. Although PHP issued warnings and the upload function returned false, the original file that could contain a malicious payload was kept on the disk. Use...

8.8CVSS6.8AI score0.09874EPSS
Exploits4References1
0day.today
0day.today
added 2022/05/24 12:0 a.m.412 views

m1k1o Blog v.10 - Remote Code Execution Exploit

Exploit Title: m1k1o's Blog v.10 - Remote Code Execution RCE Authenticated Exploit Author: Malte V Vendor Homepage: https://github.com/m1k1o/blog Software Link: https://github.com/m1k1o/blog/archive/refs/tags/v1.3.zip Version: 1.3 and below Tested on: Linux CVE : CVE-2022-23626 import argparse...

8.8CVSS8.8AI score0.09874EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/05/23 12:0 a.m.311 views

m1k1o's Blog v.10 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: m1k1o's Blog v.10 - Remote Code Execution RCE Authenticated Date: 2022-01-06 Exploit Author: Malte V Vendor Homepage: https://github.com/m1k1o/blog Software Link: https://github.com/m1k1o/blog/archive/refs/tags/v1.3.zip Version: 1.3 and below Tested on: Linux CVE : CVE-2022-23626...

8.8CVSS8.9AI score0.09874EPSS
Exploits4
Circl
Circl
added 2022/02/09 12:15 a.m.6 views

CVE-2022-23626

creationtimestamp| type| source ---|---|--- 2022-02-09 00:15:27+00:00| seen| https://t.me/cibsecurity/37028...

8.8CVSS8.1AI score0.09874EPSS
Exploits4References1
NVD
NVD
added 2022/02/08 10:15 p.m.42 views

CVE-2022-23626

m1k1o/blog is a lightweight self-hosted facebook-styled PHP blog. Errors from functions imagecreatefrom and image have not been checked properly. Although PHP issued warnings and the upload function returned false, the original file that could contain a malicious payload was kept on the disk. Use...

8.8CVSS0.09874EPSS
Exploits4References3
Vulnrichment
Vulnrichment
added 2022/02/08 10:0 p.m.11 views

CVE-2022-23626 Insufficient file checks in m1k1o/blog

m1k1o/blog is a lightweight self-hosted facebook-styled PHP blog. Errors from functions imagecreatefrom and image have not been checked properly. Although PHP issued warnings and the upload function returned false, the original file that could contain a malicious payload was kept on the disk. Use...

8.5CVSS8.8AI score0.09874EPSS
Exploits4References3
Cvelist
Cvelist
added 2022/02/08 10:0 p.m.45 views

CVE-2022-23626 Insufficient file checks in m1k1o/blog

m1k1o/blog is a lightweight self-hosted facebook-styled PHP blog. Errors from functions imagecreatefrom and image have not been checked properly. Although PHP issued warnings and the upload function returned false, the original file that could contain a malicious payload was kept on the disk. Use...

8.5CVSS9AI score0.09874EPSS
Exploits4References3
CVE
CVE
added 2022/02/08 10:0 p.m.133 views

CVE-2022-23626

Vulnerability: CVE-2022-23626 in m1k1o/blog (PHP blog) where errors from imagecreatefrom* / image* were not checked, allowing the original uploaded file to remain on disk despite PHP warnings. Impact described as potential exposure of malicious payloads stored on disk; remediation advised is upgr...

8.8CVSS8.7AI score0.09874EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder