Unrated severityNVD Advisory· Published Jan 3, 2023· Updated Aug 3, 2024
CVE-2022-44036
CVE-2022-44036
Description
In b2evolution 7.2.5, if configured with admins_can_manipulate_sensitive_files, arbitrary file upload is allowed for admins, leading to command execution. NOTE: the vendor's position is that this is "very obviously a feature not an issue and if you don't like that feature it is very obvious how to disable it."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: = 7.2.5
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.