CVE-2022-27435

EPSS 0.58% · P69 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-27435

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An unrestricted file upload at /public/admin/index.php?add_product of Ecommerce-Website v1.1.0 allows attackers to upload a webshell via the Product Image component.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Ecommerce-Website 代码问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Ecommerce-Website是完整的电子商务网站，带有使用 PHP 和 MySql 构建的管理面板。 Ecommerce-Website v1.1.0 版本存在安全漏洞，该漏洞源于public/admin/index.php?add_product中对文件上传缺少限制。攻击者通过产品图像组件利用该漏洞上传webshell。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2022-27435

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-27435

请登录查看更多情报信息。

https://hackmd.io/SCbv5_iJQd2JL2LRqCQYTAx_refsource_MISC
https://drive.google.com/file/d/1op00zVWSuHO4US_iAkD0aTM-tHqqtrIl/view?usp=sharingx_refsource_MISC
https://github.com/D4rkP0w4r/Full-Ecommece-Website-Add_Product-Unrestricted-File-Upload-RCE-POCx_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2022-27435

Same Patch Batch · n/a · 2022-04-04 · 31 CVEs total

CVE-2021-43461		Rumble Mail Server 跨站脚本漏洞
CVE-2022-24191		HTMLDOC 安全漏洞
CVE-2021-33616		RSA Archer 跨站脚本漏洞
CVE-2021-44138		Caucho Resin 路径遍历漏洞
CVE-2022-26616		PKP Vendor Open Journal System 跨站脚本漏洞
CVE-2022-27436		Ecommerce-Website跨站脚本漏洞
CVE-2022-28063		Simple Bakery Shop Management 安全漏洞
CVE-2022-28062		Car Rental System 代码问题漏洞
CVE-2021-43454		AnyTXT Searcher 代码问题漏洞
CVE-2021-43455		FreeLAN 代码问题漏洞
CVE-2021-43456		Rumble Mail Server 代码问题漏洞
CVE-2021-43457		bVPN 代码问题漏洞
CVE-2021-43458		Vembu BDR Suite 代码问题漏洞
CVE-2021-43459		Rumble Mail Server 跨站脚本漏洞
CVE-2021-43460		Mister Group System Explorer 代码问题漏洞
CVE-2022-27441		TPCMS 跨站脚本漏洞
CVE-2021-43462		Rumble Mail Server跨站脚本漏洞
CVE-2021-43463		Ext2Fsd代码问题漏洞
CVE-2020-28062		HisiPHP 代码问题漏洞
CVE-2022-25569		Bettini Srl GAMS Product Line信任管理问题漏洞

Showing top 20 of 31 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2022-27435

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-27435

I. Basic Information for CVE-2022-27435

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-27435

III. Intelligence Information for CVE-2022-27435

Same Patch Batch · n/a · 2022-04-04 · 31 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-27435

Leave a comment