定价企业版

CVE-2022-3552

7.2HIGH

Unrestricted Upload of File with Dangerous Type in GitHub repository boxbilling/boxbilling prior to 0.0.1.

发布于: 10/17/2022更新于: 11/21/2024

在NVD查看在MITRE查看

描述

Unrestricted Upload of File with Dangerous Type in GitHub repository boxbilling/boxbilling prior to 0.0.1.

AI分析AI驱动

受影响产品

boxbillingboxbilling

可用漏洞利用 (1)

webappsphpVERIFIED

BoxBilling<=4.22.1.5 - Remote Code Execution (RCE)

zetc0de3/28/2023

参考资料

http://packetstormsecurity.com/files/171542/BoxBilling-4.22.1.5-Remote-Code-Execution.html
https://github.com/boxbilling/boxbilling/commit/b6705995785eaa8653e876318c9b3d82060dc945
Third Party Advisory
https://huntr.dev/bounties/c6e2973d-386d-4667-9426-10d10828539b
ExploitPatchThird Party Advisory
http://packetstormsecurity.com/files/171542/BoxBilling-4.22.1.5-Remote-Code-Execution.html
https://github.com/boxbilling/boxbilling/commit/b6705995785eaa8653e876318c9b3d82060dc945
Third Party Advisory
https://huntr.dev/bounties/c6e2973d-386d-4667-9426-10d10828539b
ExploitPatchThird Party Advisory