CVE-2022-45544 Information

Description

Insecure Permission vulnerability in Schlix Web Inc SCHLIX CMS 2.2.7-2 allows attacker to upload arbitrary files and execute arbitrary code via the tristao parameter.

Reference

https://www.schlix.com/downloads/schlix-cms/schlix-cms-v2.2.7-2.zip https://blog.tristaomarinho.com/schlix-cms-2-2-7-2-arbitrary-file-upload/ https://github.com/tristao-marinho/CVE-2022-45544/blob/main/README.md https://www.schlix.com/