admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2022-4136.json

Browse Source
This commit is contained in:
Ben Harvie 2022-11-24 14:58:42 +00:00 committed by GitHub
parent 33fd1eb94a
commit d043f77cdc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2022/4xxx/CVE-2022-4136.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": "Attackers can call any existing functions at will, control the target server to access, download, create files, delete files, etc. Access may make the server a dos server. Download, so that an attacker can download the PHP Trojan to the server. Creating and deleting will destroy normal services. More than ten IPs are using this service."
"value": "Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method."
}
]
},
@ -86,4 +86,4 @@
"advisory": "fe418ae1-7c80-4d91-8a5a-923d60ba78c3",
"discovery": "EXTERNAL"
}
}
}