cnvd - cnvd-2022-57442

cnvd-2022-57442

Vulnerability from cnvd

Title: WordPress VikBooking Hotel Booking Engine & PMS plugin文件上传漏洞

Description:

WordPress等都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。WordPress plugin是一个应用插件。PHP等都是的产品。PHP是一种在服务器端执行的脚本语言。

WordPress VikBooking Hotel Booking Engine & PMS plugin 1.5.8之前版本存在文件上传漏洞，该漏洞源于插件无法正确验证图片。攻击者可利用该漏洞上传伪装成图片并包含恶意PHP代码的PHP文件执行恶意代码。

Severity: 中

Patch Name: WordPress VikBooking Hotel Booking Engine & PMS plugin文件上传漏洞的补丁

Patch Description:

WordPress VikBooking Hotel Booking Engine & PMS plugin 1.5.8之前版本存在文件上传漏洞，该漏洞源于插件无法正确验证图片。攻击者可利用该漏洞上传伪装成图片并包含恶意PHP代码的PHP文件执行恶意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://wpscan.com/vulnerability/1330f8f7-4a59-4e9d-acae-21656a4101fe

Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-1409

Impacted products

Name
WordPress VikBooking Hotel Booking Engine & PMS plugin <1.5.8

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-1409",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-1409"
    }
  },
  "description": "WordPress\u7b49\u90fd\u662fWordPress\u57fa\u91d1\u4f1a\u7684\u4ea7\u54c1\u3002WordPress\u662f\u4e00\u5957\u4f7f\u7528PHP\u8bed\u8a00\u5f00\u53d1\u7684\u535a\u5ba2\u5e73\u53f0\u3002WordPress plugin\u662f\u4e00\u4e2a\u5e94\u7528\u63d2\u4ef6\u3002PHP\u7b49\u90fd\u662f\u7684\u4ea7\u54c1\u3002PHP\u662f\u4e00\u79cd\u5728\u670d\u52a1\u5668\u7aef\u6267\u884c\u7684\u811a\u672c\u8bed\u8a00\u3002\n\nWordPress VikBooking Hotel Booking Engine \u0026 PMS plugin 1.5.8\u4e4b\u524d\u7248\u672c\u5b58\u5728\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u63d2\u4ef6\u65e0\u6cd5\u6b63\u786e\u9a8c\u8bc1\u56fe\u7247\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4e0a\u4f20\u4f2a\u88c5\u6210\u56fe\u7247\u5e76\u5305\u542b\u6076\u610fPHP\u4ee3\u7801\u7684PHP\u6587\u4ef6\u6267\u884c\u6076\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://wpscan.com/vulnerability/1330f8f7-4a59-4e9d-acae-21656a4101fe",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-57442",
  "openTime": "2022-08-18",
  "patchDescription": "WordPress\u7b49\u90fd\u662fWordPress\u57fa\u91d1\u4f1a\u7684\u4ea7\u54c1\u3002WordPress\u662f\u4e00\u5957\u4f7f\u7528PHP\u8bed\u8a00\u5f00\u53d1\u7684\u535a\u5ba2\u5e73\u53f0\u3002WordPress plugin\u662f\u4e00\u4e2a\u5e94\u7528\u63d2\u4ef6\u3002PHP\u7b49\u90fd\u662f\u7684\u4ea7\u54c1\u3002PHP\u662f\u4e00\u79cd\u5728\u670d\u52a1\u5668\u7aef\u6267\u884c\u7684\u811a\u672c\u8bed\u8a00\u3002\r\n\r\nWordPress VikBooking Hotel Booking Engine \u0026 PMS plugin 1.5.8\u4e4b\u524d\u7248\u672c\u5b58\u5728\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u63d2\u4ef6\u65e0\u6cd5\u6b63\u786e\u9a8c\u8bc1\u56fe\u7247\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4e0a\u4f20\u4f2a\u88c5\u6210\u56fe\u7247\u5e76\u5305\u542b\u6076\u610fPHP\u4ee3\u7801\u7684PHP\u6587\u4ef6\u6267\u884c\u6076\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "WordPress VikBooking Hotel Booking Engine \u0026 PMS plugin\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "WordPress VikBooking Hotel Booking Engine \u0026 PMS plugin \u003c1.5.8"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2022-1409",
  "serverity": "\u4e2d",
  "submitTime": "2022-05-18",
  "title": "WordPress VikBooking Hotel Booking Engine \u0026 PMS plugin\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e"
}

CVE-2022-1409 (GCVE-0-2022-1409)

Vulnerability from cvelistv5

Published

2022-05-16 14:30

Modified

2024-08-03 00:03

Severity ?

CWE

CWE-434 - Unrestricted Upload of File with Dangerous Type

Summary

The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not properly validate images, allowing high privilege users such as administrators to upload PHP files disguised as images and containing malicious PHP code

References

▼	URL	Tags
	https://wpscan.com/vulnerability/1330f8f7-4a59-4e9d-acae-21656a4101fe	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Unknown	VikBooking Hotel Booking Engine & PMS	Version: 1.5.8 < 1.5.8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:03:06.223Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpscan.com/vulnerability/1330f8f7-4a59-4e9d-acae-21656a4101fe"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "VikBooking Hotel Booking Engine \u0026 PMS",
          "vendor": "Unknown",
          "versions": [
            {
              "lessThan": "1.5.8",
              "status": "affected",
              "version": "1.5.8",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Gabriel3476"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The VikBooking Hotel Booking Engine \u0026 PMS WordPress plugin before 1.5.8 does not properly validate images, allowing high privilege users such as administrators to upload PHP files disguised as images and containing malicious PHP code"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-434",
              "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-16T14:30:58",
        "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "shortName": "WPScan"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpscan.com/vulnerability/1330f8f7-4a59-4e9d-acae-21656a4101fe"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "VikBooking Hotel Booking Engine \u0026 PMS \u003c 1.5.8 - Admin+ PHP File Upload",
      "x_generator": "WPScan CVE Generator",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "contact@wpscan.com",
          "ID": "CVE-2022-1409",
          "STATE": "PUBLIC",
          "TITLE": "VikBooking Hotel Booking Engine \u0026 PMS \u003c 1.5.8 - Admin+ PHP File Upload"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "VikBooking Hotel Booking Engine \u0026 PMS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "1.5.8",
                            "version_value": "1.5.8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Unknown"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Gabriel3476"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The VikBooking Hotel Booking Engine \u0026 PMS WordPress plugin before 1.5.8 does not properly validate images, allowing high privilege users such as administrators to upload PHP files disguised as images and containing malicious PHP code"
            }
          ]
        },
        "generator": "WPScan CVE Generator",
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wpscan.com/vulnerability/1330f8f7-4a59-4e9d-acae-21656a4101fe",
              "refsource": "MISC",
              "url": "https://wpscan.com/vulnerability/1330f8f7-4a59-4e9d-acae-21656a4101fe"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
    "assignerShortName": "WPScan",
    "cveId": "CVE-2022-1409",
    "datePublished": "2022-05-16T14:30:58",
    "dateReserved": "2022-04-20T00:00:00",
    "dateUpdated": "2024-08-03T00:03:06.223Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted