2 matches found
CVE-2022-32060
An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file...
CVE-2022-32060
CVE-2022-32060 affects Snipe-IT 6.0.2, with an arbitrary file upload vulnerability in the Update Branding Settings component. Connected sources attribute the root cause to inadequate validation in the Update Branding Settings handling (store function), enabling an attacker to upload a crafted fil...