CVE-2024-0472

Опубликовано: 12 янв. 2024

Источник: nvd

CVSS3: 3.5

CVSS3: 7.5

CVSS2: 2.7

EPSS Низкий

Описание

A vulnerability was found in code-projects Dormitory Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file modifyuser.php. The manipulation of the argument mname leads to information disclosure. The exploit has been disclosed to the public and may be used. The identifier VDB-250577 was assigned to this vulnerability.

Ссылки

https://github.com/yingqian1984/FirePunch/blob/main/7-Dormitory%20Management%20System%20has%20Database%20information%20leakage%20modifyuser.php.pdf
Broken Link
https://vuldb.com/?ctiid.250577
Permissions Required
Third Party Advisory
https://vuldb.com/?id.250577
Permissions Required
Third Party Advisory
https://github.com/yingqian1984/FirePunch/blob/main/7-Dormitory%20Management%20System%20has%20Database%20information%20leakage%20modifyuser.php.pdf
Broken Link
https://vuldb.com/?ctiid.250577
Permissions Required
Third Party Advisory
https://vuldb.com/?id.250577
Permissions Required
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:code-projects:dormitory_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 33%

0.00125

Низкий

3.5 Low

CVSS3

7.5 High

CVSS3

2.7 Low

CVSS2

Дефекты

CWE-200

NVD-CWE-noinfo

CWE-532

Связанные уязвимости

GHSA-2cmf-8p7p-w9m7

CVSS3: 3.5

github

больше 1 года назад

EPSS

Процентиль: 33%

0.00125

Низкий

3.5 Low

CVSS3

7.5 High

CVSS3

2.7 Low

CVSS2

Дефекты

CWE-200

NVD-CWE-noinfo

CWE-532