CVE-2022-42092

Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution. Note: Third parties dispute this and argue that advanced permissions are required.
Configurations

Configuration 1 (hide)

cpe:2.3:a:backdropcms:backdrop_cms:1.22.0:*:*:*:*:*:*:*

History

21 Nov 2024, 07:24

Type Values Removed Values Added
References () https://grimthereaperteam.medium.com/backdrop-cms-1-22-0-unrestricted-file-upload-themes-ad42a599561c - Exploit, Third Party Advisory () https://grimthereaperteam.medium.com/backdrop-cms-1-22-0-unrestricted-file-upload-themes-ad42a599561c - Exploit, Third Party Advisory

14 May 2024, 11:34

Type Values Removed Values Added
Summary (en) Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution. (en) Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution. Note: Third parties dispute this and argue that advanced permissions are required.

Information

Published : 2022-10-07 18:15

Updated : 2024-11-21 07:24


NVD link : CVE-2022-42092

Mitre link : CVE-2022-42092

CVE.ORG link : CVE-2022-42092


JSON object : View

Products Affected

backdropcms

  • backdrop_cms
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type