CVE-2022-40797 Blast Radius

CRITICAL • CVSS 9.8Roxy Fileman 1.4.6 allows Remote Code Execution via a .phar upload, because the default FORBIDDEN_UPLOADS value in conf.json only blocks .php, .php4, …

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2022-40797.

Start Free Scan →← Back to CVE-2022-40797