exploitDog

CVE-2022-38116

Опубликовано: 30 авг. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Le-yan Personnel and Salary Management System has hard-coded database account and password within the website source code. An unauthenticated remote attacker can access, modify system data or disrupt service.

Ссылки

https://www.twcert.org.tw/tw/cp-132-6460-2bb02-1.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-6460-2bb02-1.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:leyan:salary_management_system:*:*:*:*:*:*:*:*

Версия до 2022-06-06 (исключая)

EPSS

Процентиль: 76%

0.00935

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-798

CWE-798

Связанные уязвимости

GHSA-hphg-2cm2-59p6

CVSS3: 9.8

github

больше 3 лет назад

Le-yan Personnel and Salary Management System has hard-coded database account and password within the website source code. An unauthenticated remote attacker can access, modify system data or disrupt service.

EPSS

Процентиль: 76%

0.00935

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-798

CWE-798