3 matches found
CVE-2022-46493
Default version of nbnbk was discovered to contain an arbitrary file upload vulnerability via the component /api/User/downloadimg...
CVE-2022-46493
Default version of nbnbk was discovered to contain an arbitrary file upload vulnerability via the component /api/User/downloadimg...
CVE-2022-46493
CVE-2022-46493 affects the nbnbk default version, with an arbitrary file upload vulnerability exposed via the /api/User/download_img endpoint. The CVE is rated CVSS v3.1 base score 9.8 (CRITICAL), with network attack vector, no privileges required, and no user interaction; impacts to confidential...