{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T00:41:26.359","vulnerabilities":[{"cve":{"id":"CVE-2022-39978","sourceIdentifier":"cve@mitre.org","published":"2022-10-27T20:15:34.373","lastModified":"2025-05-07T17:15:55.817","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the Product List module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point."},{"lang":"es","value":"Se descubrió que Online Pet Shop We App v1.0 contenía una vulnerabilidad de carga de archivos arbitraria a través de la función de Editing en el módulo Product List. Esta vulnerabilidad permite a los atacantes ejecutar código arbitrario a través de un archivo PHP manipulado y cargado a través del punto de carga de la imagen."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:online_pet_shop_we_app_project:online_pet_shop_we_app:1.0:*:*:*:*:*:*:*","matchCriteriaId":"55AD129C-1298-41BA-8500-D9B677025B29"}]}]}],"references":[{"url":"https://github.com/z1pwn/bug_report/blob/main/vendors/oretnom23/online-pet-shop-we-app/RCE-1.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/z1pwn/bug_report/blob/main/vendors/oretnom23/online-pet-shop-we-app/RCE-1.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}