Vulnerability Details CVE-2022-45896
Planet eStream before 6.72.10.07 allows unauthenticated upload of arbitrary files: Choose a Video / Related Media or Upload Document. Upload2.ashx can be used, or Ajax.asmx/ProcessUpload2. This leads to remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.5%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2022-45896
-
cpe:2.3:a:planetestream:planet_estream:-