### [CVE-2022-48079](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48079)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3F%20n%2Fa%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Monnai aaPanel host system v1.5 contains an access control issue which allows attackers to escalate privileges and execute arbitrary code via uploading a crafted PHP file to the virtual host directory of the system.

### POC

#### Reference
- https://thanatosxingyu.github.io/

#### Github
No PoCs found on GitHub currently.