CVE-2022-50894
- EPSS 0.01%
- Veröffentlicht 13.01.2026 22:56:20
- Zuletzt bearbeitet 26.01.2026 16:15:56
VIAVIWEB Wallpaper Admin 1.0 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the img_id parameter. Attackers can send GET requests to edit_gallery_image.php with...
CVE-2022-50893
- EPSS 1.07%
- Veröffentlicht 13.01.2026 22:56:15
- Zuletzt bearbeitet 22.01.2026 20:13:41
VIAVIWEB Wallpaper Admin 1.0 contains an unauthenticated remote code execution vulnerability in the image upload functionality. Attackers can upload a malicious PHP file through the add_gallery_image.php endpoint to execute arbitrary code on the serv...
CVE-2022-50892
- EPSS 0.18%
- Veröffentlicht 13.01.2026 22:56:08
- Zuletzt bearbeitet 22.01.2026 20:19:57
VIAVIWEB Wallpaper Admin 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating login credentials. Attackers can exploit the login page by injecting 'admin' or 1=1-- - payload to gain unauthorized ac...