CVE-2022-50939
Unknown Unknown - Not Provided
Path Traversal in e107 CMS 3.2.1 Allows Critical File Overwrite

Publication date: 2026-01-13

Last updated on: 2026-01-13

Assigner: VulnCheck

Description
e107 CMS version 3.2.1 contains a critical file upload vulnerability that allows authenticated administrators to override arbitrary server files through path traversal. The vulnerability exists in the Media Manager's remote URL upload functionality (image.php) where the upload_caption parameter is not properly sanitized. An attacker with administrative privileges can use directory traversal sequences (../../../) in the upload_caption field to overwrite critical system files outside the intended upload directory. This can lead to complete compromise of the web application by overwriting configuration files, executable scripts, or other critical system components. The vulnerability was discovered by Hubert Wojciechowski and affects the image.php component in the admin interface.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-13
Last Modified
2026-01-13
Generated
2026-06-16
AI Q&A
2026-01-14
EPSS Evaluated
2026-06-15
NVD
CVE-2022-50939
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
e107 e107 3.2.1
e107 e107 2.3.3
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2022-50939 is a critical vulnerability in e107 CMS version 3.2.1 that affects the Media Manager's remote URL upload functionality in the admin interface (image.php). The issue is caused by improper sanitization of the upload_caption parameter, which allows authenticated administrators to perform path traversal attacks by including directory traversal sequences (e.g., ../../../). This enables them to overwrite arbitrary server files outside the intended upload directory, such as configuration files or executable scripts, potentially leading to complete compromise of the web application. [2]

Impact Analysis

This vulnerability can allow an authenticated administrator to overwrite critical server files by exploiting path traversal in the upload_caption parameter. This can lead to complete compromise of the web application, including overwriting configuration files, executable scripts, or other critical system components. As a result, an attacker could execute arbitrary code, disrupt service, or gain full control over the affected server. [2]

Detection Guidance

Detection of this vulnerability involves checking for unauthorized or suspicious file uploads using directory traversal sequences in the upload_caption parameter of the Media Manager's remote URL upload functionality (image.php). One approach is to monitor HTTP POST requests to the image.php endpoint for parameters containing patterns like '../../../'. Additionally, inspecting server directories for unexpected or recently modified files outside the intended upload directory can help identify exploitation attempts. For example, using web server logs, you can grep for traversal sequences in upload_caption: `grep -r "upload_caption=.*\.\.\/\.\.\/" /var/log/apache2/access.log`. Also, scanning for unexpected PHP files in parent directories of the upload folder can indicate compromise. However, no specific detection commands are provided in the resources. [2]

Mitigation Strategies

Immediate mitigation steps include restricting administrative access to trusted users only, as exploitation requires authenticated administrator privileges. Applying input validation and sanitization on the upload_caption parameter to prevent directory traversal sequences is critical. If a patch or updated version of e107 CMS addressing this vulnerability is available, promptly apply it. Additionally, monitoring and restricting file upload types and locations can reduce risk. As a temporary measure, disabling the remote URL upload functionality in the Media Manager or restricting write permissions on directories outside the intended upload folder can help prevent exploitation. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50939. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart