4 matches found
CVE-2022-41573
An issue was discovered in Ovidentia 8.3. The file upload feature does not prevent the uploading of executable files. A user can upload a .png file containing PHP code and then rename it to have the .php extension. It will then be accessible at an images/common/ URI for remote code execution...
CVE-2022-41573
creationtimestamp| type| source ---|---|--- 2025-01-07 19:33:15+00:00| seen| https://infosec.exchange/users/cve/statuses/113788740810947173 2025-01-07 19:37:33+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/532 2025-01-07 20:15:43+00:00| seen|...
CVE-2022-41573
An issue was discovered in Ovidentia 8.3. The file upload feature does not prevent the uploading of executable files. A user can upload a .png file containing PHP code and then rename it to have the .php extension. It will then be accessible at an images/common/ URI for remote code execution...
CVE-2022-41573
An issue was discovered in Ovidentia 8.3. The file upload feature does not prevent the uploading of executable files. A user can upload a .png file containing PHP code and then rename it to have the .php extension. It will then be accessible at an images/common/ URI for remote code execution...