CVE-2022-3770 An critical vulnerability was found in Yunjing CMS. The file /index/user/upload_img.html can be manipulated to upload files without restrictions. The attack can be initiated remotely.
The last critical vulnerability found in YunOS was discovered in the code of the file /app/catalog/type/product/price_list.type. It was classified as critical. This vulnerability allows an attacker to create a specially crafted request to cause arbitrary code execution in the context of the application. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212502. The last critical vulnerability found in YunOS was discovered in the code of the file /index/user/upload_img.html. It was classified as critical. This vulnerability allows an attacker to create a specially crafted request to cause arbitrary code execution in the context of the application. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212503. The last critical vulnerability found in YunOS was discovered in the code of the file /app/catalog/type/product/price_list.type. It was classified as critical. This vulnerability allows an attacker to create a specially crafted request to cause arbitrary code execution in the context of the application. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212504. The last critical vulnerability found in YunOS was discovered in the code of the file /index/user/upload_img.html
Summary of critical vulnerabilities in YunOS
The last critical vulnerability found in YunOS was discovered in the code of the file /index/user/upload_img.html. It was classified as critical. This vulnerability allows an attacker to create a specially crafted request to cause arbitrary code execution in the context of the application. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212503.
The last critical vulnerability found in YunOS was discovered in the code of the file /app/catalog/type/product/price_list.type. It was classified as critical. This vulnerability allows an attacker to create a specially crafted request to cause arbitrary code execution in the context of the application. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212502.
How to fix VDB-212502
This vulnerability can be fixed by updating your YunOS system.
VDB-212505
The last critical vulnerability found in YunOS was discovered in the code of the file /app/views/webservice.php. It was classified as critical. This vulnerability allows an attacker to create a specially crafted request to cause arbitrary code execution in the context of the application. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212506.
B ibliography
All Business. "Outsourcing SEO: Why It's a Good Idea." AllBusiness Blogs, authored by Steve Elliot, accessed August 02, 2018, https://www.allbusiness.com/blog/outsourcing-seo-why-it-s-a-good-idea/21277155030.html
Timeline
Published on: 10/31/2022 14:15:00 UTC
Last modified on: 11/01/2022 17:13:00 UTC