Lucene search
GoogleOSV:CVE-2022-46610HistoryJan 10, 2023 - 2:15 p.m.
CVE-2022-46610
2023-01-1014:15:10
Google
osv.dev
5
arbitrary file upload
avatar upload
php file
attackers
software
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.2
Confidence
High
EPSS
0.001
Percentile
42.8%
72crm v9 was discovered to contain an arbitrary file upload vulnerability via the avatar upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
Related
prion
prion
Privilege escalation
2023-01-10 14:15:00
nvd
nvd
CVE-2022-46610
2023-01-10 14:15:10
cvelist
cvelist
CVE-2022-46610
2023-01-10 00:00:00
cve
cve
CVE-2022-46610
2023-01-10 14:15:10
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.2
Confidence
High
EPSS
0.001
Percentile
42.8%
Related for OSV:CVE-2022-46610