CVE-2022-45338

EPSS 0.07% · P20 Updated Apr 29, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-45338

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An arbitrary file upload vulnerability in the profile picture upload function of Exact Synergy Enterprise 267 before 267SP13 and Exact Synergy Enterprise 500 before 500SP6 allows attackers to execute arbitrary code via a crafted SVG file.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Exact Synergy Enterprise 代码问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Exact Synergy Enterprise是荷兰Exact公司的一个处理所有业务流程并将其与 ERP 系统集成的平台。 Exact Synergy Enterprise 267 267SP13之前版本、Exact Synergy Enterprise 500 500SP6之前版本存在安全漏洞，该漏洞源于个人资料图片上传功能允许上传 SVG 图片，攻击者利用该漏洞可以使用任意 JavaScript 代码上传 SVG 图像，该文件将被应用程序接受并存储在应用程序的服务器上，在受害者浏览器的上下文中执行制

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2022-45338

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-45338

请登录查看更多情报信息。

Same Patch Batch · n/a · 2022-12-15 · 27 CVEs total

CVE-2022-24377	7.4 HIGH	Command Injection
CVE-2022-4527	3.5 LOW	collective.task table.py AssignedGroupColumn cross site scripting
CVE-2022-40001		FeehiCMS 跨站脚本漏洞
CVE-2022-46634		TOTOLINK A7100RU 操作系统命令注入漏洞
CVE-2022-46631		TOTOLINK A7100RU 操作系统命令注入漏洞
CVE-2022-46393		Mbed TLS 缓冲区错误漏洞
CVE-2022-46392		Mbed TLS 安全漏洞
CVE-2022-45969		Alist 路径遍历漏洞
CVE-2022-45033		Expense Tracker 跨站脚本漏洞
CVE-2022-44236		Beijing Zed-3 Technologies VoIP simpliclty 安全漏洞
CVE-2022-44235		Beijing Zed-3 Technologies VoIP simpliclty 跨站脚本漏洞
CVE-2022-40373		FeehiCMS 跨站脚本漏洞
CVE-2022-40004		Thingsboard 跨站脚本漏洞
CVE-2022-40002		FeehiCMS 跨站脚本漏洞
CVE-2022-40000		FeehiCMS 跨站脚本漏洞
CVE-2021-39428		EyouCms 跨站脚本漏洞
CVE-2021-39427		188Jianzhan 跨站脚本漏洞
CVE-2021-39426		SeaCMS 代码注入漏洞
CVE-2021-36573		FeehiCMS 跨站脚本漏洞
CVE-2021-36572		FeehiCMS 跨站脚本漏洞

Showing top 20 of 27 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2022-45338

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-45338

I. Basic Information for CVE-2022-45338

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-45338

III. Intelligence Information for CVE-2022-45338

Same Patch Batch · n/a · 2022-12-15 · 27 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-45338

Leave a comment