Security Advisory

CVE-2022-40777

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-10-11 00:00:00

Last updated 2024-08-03 12:28:42

Assigner mitre

State PUBLISHED

Description

Interspire Email Marketer through 6.5.0 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a /admin/temp/surveys/ URI. NOTE: this issue exists because of an incomplete fix for CVE-2018-19550.

← Browse all CVEs View on cve.org ↗