Lucene search

[email protected]NVD:CVE-2022-35150

HistoryAug 22, 2022 - 4:15 p.m.

CVE-2022-35150

2022-08-2216:15:09

CWE-434

[email protected]

web.nvd.nist.gov

baijicms v4

arbitrary file upload

vulnerability

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

71.7%

JSON

Baijicms v4 was discovered to contain an arbitrary file upload vulnerability.

Affected configurations

Nvd

Node

baijiacms_projectbaijiacmsMatch4_1_4_20170105

VendorProductVersionCPE
baijiacms_projectbaijiacms4_1_4_20170105cpe:2.3:a:baijiacms_project:baijiacms:4_1_4_20170105:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
baijiacms_project	baijiacms	4_1_4_20170105	cpe:2.3:a:baijiacms_project:baijiacms:4_1_4_20170105:::::::*

References

gitee.com/cui-yiwei/cve-number/blob/master/images/Cve%20number.md

github.com/To-LingJing/CVE-Issues/blob/main/baijiacms/upload_file.md

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

71.7%

JSON

Related for NVD:CVE-2022-35150

prion1 cnvd1 cvelist1 cve1