CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-29353

An arbitrary file upload vulnerability in the file upload module of Graphql-upload v13.0.0 allows attackers to execute arbitrary code via a crafted filename.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://youtu.be/2kHm_henVM4
https://youtu.be/2kHm_henVM4

Products affected by CVE-2022-29353

Graphql-Upload Project » Graphql-Upload » Version: 13.0.0

cpe:2.3:a:graphql-upload_project:graphql-upload:13.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-29353

Products

Pricing

Contact Us