CVE-2022-26605

eZiosuite v2.0.7 contains an authenticated arbitrary file upload via the Avatar upload functionality.
References
Link Resource
https://github.com/Chu1z1/Chuizi/issues/1 Exploit Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:dascomsoft:eziosuite:2.0.7:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-04-06 21:15

Updated : 2024-02-28 19:09


NVD link : CVE-2022-26605

Mitre link : CVE-2022-26605

CVE.ORG link : CVE-2022-26605


JSON object : View

Products Affected

dascomsoft

  • eziosuite
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type