Lucene search
+L

4 matches found

Cvelist
Cvelist
added 2022/10/14 7:0 a.m.25 views

CVE-2022-32177 Gin-vue-admin - Unrestricted File Upload

In "Gin-Vue-Admin", versions v2.5.1 through v2.5.3beta are vulnerable to Unrestricted File Upload that leads to execution of javascript code, through the 'Normal Upload' functionality to the Media Library. When an admin user views the uploaded file, a low privilege attacker will get access to the...

9.3AI score0.00946EPSS
Exploits1References2
CVE
CVE
added 2022/10/14 7:0 a.m.58 views

CVE-2022-32177

CVE-2022-32177 concerns Gin-Vue-Admin versions v2.5.1–v2.5.3beta, where Unrestricted File Upload via the Media Library’s Normal Upload can trigger JavaScript execution. When an admin views the uploaded file, a low-privilege attacker may gain access to the admin’s cookie, enabling account takeover...

9CVSS9.2AI score0.00946EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/14 7:0 a.m.9 views

CVE-2022-32177 Gin-vue-admin - Unrestricted File Upload

In "Gin-Vue-Admin", versions v2.5.1 through v2.5.3beta are vulnerable to Unrestricted File Upload that leads to execution of javascript code, through the 'Normal Upload' functionality to the Media Library. When an admin user views the uploaded file, a low privilege attacker will get access to the...

9.2AI score0.00946EPSS
Exploits1References2
OSV
OSV
added 2022/10/14 7:0 a.m.28 views

CVE-2022-32177 Gin-vue-admin - Unrestricted File Upload

In "Gin-Vue-Admin", versions v2.5.1 through v2.5.3beta are vulnerable to Unrestricted File Upload that leads to execution of javascript code, through the 'Normal Upload' functionality to the Media Library. When an admin user views the uploaded file, a low privilege attacker will get access to the...

9CVSS7.2AI score0.00946EPSS
Exploits1References4
Rows per page
Query Builder