Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2022-44276

Published: 28/06/2023 Updated: 05/07/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Tecrail

Vulnerability Summary

In Responsive Filemanager < 9.12.0, an attacker can bypass upload restrictions resulting in RCE.

Vulnerable Product Search on Vulmon Subscribe to Product

tecrail responsive filemanager

Github Repositories

https://github.com/HerrLeStrate/CVE-2022-44276-PoC

PoC for Responsive Filemanager < 9.12.0 bypass upload restrictions lead to RCE

CVE-2022-44276-PoC PoC for Responsive Filemanager &lt; 9120 bypass upload restrictions lead to RCE Where's vuln? When uploading new file we go through function fix_filename: githubcom/trippo/ResponsiveFilemanager/blob/9a7411f3eab3b7d8e2c78dcf40b4325bde2c548d/filemanager/uploadphp#L112 In this function we have function strip_tags which searches brackets and

References

CWE-434https://github.com/HerrLeStrate/CVE-2022-44276-PoChttps://nvd.nist.govhttps://github.com/HerrLeStrate/CVE-2022-44276-PoC
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code executionCVE-2024-34909CVE-2024-3317SSTICVE-2024-3400CVE-2024-30051wirelessCVE-2024-4622CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook