Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Claroline Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-37159)

Description

Claroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload.

Remediation

References

Related Vulnerabilities

WordPress Plugin I Recommend This SQL Injection (3.7.7)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-3848)

WebLogic CVE-2020-2869 Vulnerability (CVE-2020-2869)

Lodash Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2025-13465)

WordPress Plugin Another WordPress Classifieds Cross-Site Scripting (3.3.1)

Severity

Critical

Classification

CVE-2022-37159 CWE-434 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities