CVSS: 7.2EPSS: 39%CPEs: 1EXPL: 5CVE-2022-31854 – CodoForum v5.1 - Remote Code Execution (RCE)
https://notcve.org/view.php?id=CVE-2022-31854
Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo change option in the admin panel. Se ha detectado que Codoforum versión v5.1, contiene una vulnerabilidad de carga de archivos arbitraria por medio de la opción de cambio de logotipo en el panel de administración CodoForum version 5.1 suffers from a remote code execution vulnerability. • https://www.exploit-db.com/exploits/50978 https://github.com/Vikaran101/CVE-2022-31854 http://packetstormsecurity.com/files/167782/CodoForum-5.1-Remote-Code-Execution.html https://codoforum.com https://github.com/Vikaran101/CVE-2022-31854/blob/main/exploit.py https://vikaran101.medium.com/codoforum-v5-1-authenticated-rce-my-first-cve-f49e19b8bc • CWE-434: Unrestricted Upload of File with Dangerous Type •