CVE-2022-42197

Опубликовано: 20 окт. 2022

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

In Simple Exam Reviewer Management System v1.0 the User List function has improper access control that allows low privileged users to modify user permissions to higher privileges.

Ссылки

https://github.com/ciph0x01/Simple-Exam-Reviewer-Management-System-CVE/blob/main/CVE-2022-42197.md
Exploit
Third Party Advisory
https://www.sourcecodester.com/php/15160/simple-exam-reviewer-management-system-phpoop-free-source-code.html
Product
https://github.com/ciph0x01/Simple-Exam-Reviewer-Management-System-CVE/blob/main/CVE-2022-42197.md
Exploit
Third Party Advisory
https://www.sourcecodester.com/php/15160/simple-exam-reviewer-management-system-phpoop-free-source-code.html
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:simple_exam_reviewer_management_system_project:simple_exam_reviewer_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 32%

0.00125

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-425

Связанные уязвимости

GHSA-44g9-qrmg-2wvf