Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
PlanetestreamPlanet Estream

2 matches found

CVE
CVEadded 2022/12/25 5:15 a.m.59 views

CVE-2022-45896

Planet eStream before 6.72.10.07 allows unauthenticated upload of arbitrary files: Choose a Video / Related Media or Upload Document. Upload2.ashx can be used, or Ajax.asmx/ProcessUpload2. This leads to remote code execution.

9.8CVSS9.8AI score0.02149EPSS
Web
CVE
CVEadded 2022/12/25 4:15 a.m.38 views

CVE-2022-45891

Planet eStream before 6.72.10.07 allows attackers to call restricted functions, and perform unauthenticated uploads (Upload2.ashx) or access content uploaded by other users (View.aspx after Ajax.asmx/SaveGrantAccessList).

9.1CVSS9.3AI score0.00084EPSS
Web