exploitDog

CVE-2022-30821

Опубликовано: 02 июн. 2022

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

In Wedding Management System v1.0, the editing function of the "Services" module in the background management system has an arbitrary file upload vulnerability in the picture upload point of "package_edit.php" file.

Ссылки

https://github.com/k0xx11/bug_report/blob/main/vendors/codeastro.com/wedding-management-system/RCE-2.md
Exploit
Third Party Advisory
https://github.com/k0xx11/bug_report/blob/main/vendors/codeastro.com/wedding-management-system/RCE-2.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wedding_management_system_project:wedding_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00423

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-434

Связанные уязвимости

GHSA-3vwr-m2j6-695j

CVSS3: 8.8

github

больше 3 лет назад

In Wedding Management System v1.0, the editing function of the "Services" module in the background management system has an arbitrary file upload vulnerability in the picture upload point of "package_edit.php" file.

EPSS

Процентиль: 62%

0.00423

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-434