CVE-2022-23986

SQL injection vulnerability in the phpUploader v1.2 and earlier allows a remote unauthenticated attacker to obtain the information in the database via unspecified vectors.
References
Link Resource
https://github.com/shimosyan/phpUploader/releases/tag/v1.2.1 Patch Release Notes Third Party Advisory
https://jvn.jp/en/jp/JVN00095004/index.html Third Party Advisory
https://github.com/shimosyan/phpUploader/releases/tag/v1.2.1 Patch Release Notes Third Party Advisory
https://jvn.jp/en/jp/JVN00095004/index.html Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:phpuploader_project:phpuploader:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-02-24 15:15

Updated : 2024-11-21 06:49


NVD link : CVE-2022-23986

Mitre link : CVE-2022-23986

CVE.ORG link : CVE-2022-23986


JSON object : View

Products Affected

phpuploader_project

  • phpuploader
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')