Vulnerability Details CVE-2022-39978
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the Product List module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.4%
CVSS Severity
CVSS v3 Score 7.2
References
Products affected by CVE-2022-39978
-
cpe:2.3:a:online_pet_shop_we_app_project:online_pet_shop_we_app:1.0