CVE-2022-44136: Unrestricted Upload of File with Dangerous Type

November 30, 2022 (updated December 2, 2022)

Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution (RCE) due to allowing arbitrary files to be uploaded.

References

com0t.github.io/zenar.io/2022/10/18/Unauthent-RCE-Zenar.io~9.3.html
nvd.nist.gov/vuln/detail/CVE-2022-44136

Code Behaviors & Features

Detect and mitigate CVE-2022-44136 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →