This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
CVE-2022-29774 | |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | |
Score: 9.8 (Critical) | |
Vulnerble product version: iSpy Connect 7.2.2.0 | |
Vulnerability type: Directory traversal(CWE-35) and Command Execution(CWE-78) | |
Vulnerability Description: iSpyConnect iSpy v7.2.2.0 is vulnerable to remote command execution via path traversal | |
Therefore, a malicious actor could run an executable of her choice in the vulnerable server. | |
CVE-2022-29775 | |
CVSS:CVSS: 3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
CVE-2021-37367 | |
CVSS:AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | |
Score: 7.8 (High) | |
Vulnerble product version: CTParental 4.45.02m | |
Vulnerability type: Command execution(CWE-78) | |
Vulnerability Description: CTparental before 4.45.07 is affected by a code execution vulnerability in the CTparental admin panel. Because The file "bl_categories_help.php" is vulnerable to directory traversal, an attacker can create a file that contains scripts and run arbitrary commands. | |
Link to Maintainer Acknowledgment: | |
https://gitlab.com/marsat/CTparental/-/releases/4.45.07 | |
CVE-2021-37366 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Copyright (c) 2019 - Paolo Perego - paolo@armoredcode.com | |
Permission is hereby granted, free of charge, to any person | |
obtaining a copy of this software and associated documentation | |
files (the "Software"), to deal in the Software without | |
restriction, including without limitation the rights to use, | |
copy, modify, merge, publish, distribute, sublicense, and/or sell | |
copies of the Software, and to permit persons to whom the | |
Software is furnished to do so, subject to the following | |
conditions: |