En0Th

#12024of 53,624
22.8Total CVSS
Vulnerabilities · 3
Medium
2
Critical
1
PT-2022-27882
6.5
2022-12-23
Nbnbk · Nbnbk · CVE-2022-46492
**Name of the Vulnerable Software and Affected Versions** nbnbk (affected versions not specified) **Description** The issue is related to an arbitrary file read vulnerability. This vulnerability is exploited via the `/api/Index/getFileBinary` API endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-27881
6.5
2022-12-22
Nbnbk · Nbnbk · CVE-2022-46491
**Name of the Vulnerable Software and Affected Versions** nbnbk (affected versions not specified) **Description** A Cross-Site Request Forgery (CSRF) vulnerability in the Add Administrator function allows attackers to arbitrarily add Administrator accounts. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-27883
9.8
2022-12-22
Nbnbk · Nbnbk · CVE-2022-46493
**Name of the Vulnerable Software and Affected Versions** nbnbk (affected versions not specified) **Description** The issue is related to an arbitrary file upload vulnerability. This vulnerability is exploited via the `/api/User/download img` API endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.