exploitDog

CVE-2022-41446

Опубликовано: 23 нояб. 2022

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

An access control issue in /Admin/dashboard.php of Record Management System using CodeIgniter v1.0 allows attackers to access and modify user data.

Ссылки

https://drive.google.com/file/d/1Rre498CWp9pWyW9h5ran8GkW6TA2NztC/view?usp=sharing
Exploit
Third Party Advisory
https://github.com/RashidKhanPathan/CVE-2022-41446
Exploit
Third Party Advisory
https://ihexcoder.wixsite.com/secresearch/post/privilege-escalation-in-teachers-record-management-system-using-codeignitor
Broken Link
https://phpgurukul.com/teachers-record-management-system-using-codeigniter/
Product
https://drive.google.com/file/d/1Rre498CWp9pWyW9h5ran8GkW6TA2NztC/view?usp=sharing
Exploit
Third Party Advisory
https://github.com/RashidKhanPathan/CVE-2022-41446
Exploit
Third Party Advisory
https://ihexcoder.wixsite.com/secresearch/post/privilege-escalation-in-teachers-record-management-system-using-codeignitor
Broken Link
https://phpgurukul.com/teachers-record-management-system-using-codeigniter/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:record_management_system_project:record_management_system:-:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.03077

Низкий

5.4 Medium

CVSS3

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-r935-j23v-m897

CVSS3: 5.4

github

около 3 лет назад

An access control issue in /Admin/dashboard.php of Record Management System using CodeIgniter v1.0 allows attackers to access and modify user data.

EPSS

Процентиль: 86%

0.03077

Низкий

5.4 Medium

CVSS3

Дефекты

NVD-CWE-Other