exploitDog

CVE-2021-44965

Опубликовано: 13 дек. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 7.8

EPSS Низкий

Описание

Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record Management System 1.2 The attacker can retrieve and download sensitive information from the vulnerable server.

Ссылки

https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/PHPGURUKUL/ANUJ%20KUMAR/Employee-Record-Management-System
Exploit
Third Party Advisory
https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/PHPGURUKUL/ANUJ%20KUMAR/Employee-Record-Management-System
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpgurukul:employee_record_management_system:1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00553

Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-f8p8-wh9f-qwp2

CVSS3: 7.5

github

около 4 лет назад

Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record Management System 1.2 The attacker can retrieve and download sensitive information from the vulnerable server.

EPSS

Процентиль: 67%

0.00553

Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-22