PT-2022-19620 · Unknown · Counter Box

0Xb9

Published

2022-05-19

Updated

2022-05-26

CVE-2022-29446

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Counter Box plugin versions prior to 1.1.2

Description The issue is related to an Authenticated Local File Inclusion (LFI) vulnerability. This means that an attacker with administrator or higher role access can potentially include and execute local files on the server, which could lead to sensitive data exposure or code execution.

Recommendations For versions prior to 1.1.2, update to version 1.1.2 or later to resolve the issue.

Fix

Files Accessible to External Parties

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-552

Related Identifiers

CVE-2022-29446

Affected Products

Counter Box

PT-2022-19620 · Unknown · Counter Box

CVE-2022-29446

Weakness Enumeration

Related Identifiers

Affected Products

References · 4