Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded 2022/02/08 10:0 p.m.13 views

CVE-2022-23626 Insufficient file checks in m1k1o/blog

m1k1o/blog is a lightweight self-hosted facebook-styled PHP blog. Errors from functions imagecreatefrom and image have not been checked properly. Although PHP issued warnings and the upload function returned false, the original file that could contain a malicious payload was kept on the disk. Use...

8.5CVSS8.4AI score0.04273EPSS
Exploits4References5
CVE
CVEadded 2022/02/08 10:0 p.m.123 views

CVE-2022-23626

Vulnerability: CVE-2022-23626 in m1k1o/blog (PHP blog) where errors from imagecreatefrom* / image* were not checked, allowing the original uploaded file to remain on disk despite PHP warnings. Impact described as potential exposure of malicious payloads stored on disk; remediation advised is upgr...

8.8CVSS8.7AI score0.04273EPSS
Exploits4References3Affected Software1
CNNVD
CNNVDadded 2022/02/08 12:0 a.m.1 views

M1k1o Blog 输入验证错误漏洞

M1k1o Blog is a simple self-hosted, lightweight, single-user PHP blog where you can create your own Facebook-like feed. An input validation error vulnerability exists in M1k1o Blog, which stems from an error in the product functions imagecreatefrom and image that is not properly checked...

8.8CVSS7.9AI score0.04273EPSS
Exploits4References7
Rows per page
Query Builder