HIGH🇵🇱 Wersja polska

CVE-2022-43146

CVSS 7.2v3.1pub. 2022-11-14upd. 2025-05-01

An arbitrary file upload vulnerability in the image upload function of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Canteen Management System Project Canteen Management System

    APP
    Canteen Management System Project
    1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2023-23279CRITICAL9.8ten sam produkt

Canteen Management System 1.0 is vulnerable to SQL Injection via /php_action/getOrderReport.php.

CVE-2022-43265CRITICAL9.8ten sam produkt

An arbitrary file upload vulnerability in the component /pages/save_user.php of Canteen Management System v1.0...

CVE-2022-43278HIGH7.2ten sam produkt

Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the categoriesId pa...

CVE-2022-43277HIGH7.2ten sam produkt

Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via ip/youthap...

CVE-2022-43290HIGH7.2ten sam produkt

Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at...