← back
CVE-2022-45052

Local File Inclusion in Axiell Iguana CMS

CVSS 8.8 HIGHEPSS 0.7%CWE-552
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.8EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
04 Jan 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A Local File Inclusion vulnerability has been found in Axiell Iguana CMS. Due to insufficient neutralisation of user input on the url parameter on the Proxy.type.php endpoint, external users are capable of accessing files on the server.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Axiell · Iguana

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://csirt.divd.nl/CVE-2022-45052/https://csirt.divd.nl/DIVD-2022-00064/