Security Advisory

CVE-2022-27862

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-19 20:26:26

Last updated 2025-02-20 20:26:06

Assigner Patchstack

State PUBLISHED

Description

Arbitrary File Upload leading to RCE in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.3 on WordPress allows attackers to upload and execute dangerous file types (e.g. PHP shell) via the signature upload on the booking form.

← Browse all CVEs View on cve.org ↗