CVE-2022-34919 Information

Description

The file upload wizard in Zengenti Contensis Classic before 15.2.1.79 does not correctly check that a user has authenticated. By uploading a crafted aspx file it is possible to execute arbitrary commands.

Reference

https://github.com/ahajnik/CVE-2022-34919 https://www.zengenti.com/