CVE-2024-2150

Опубликовано: 03 мар. 2024

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

A vulnerability, which was classified as critical, has been found in SourceCodester Insurance Management System 1.0. This issue affects some unknown processing. The manipulation of the argument page leads to file inclusion. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-255503.

Ссылки

https://github.com/wkeyi0x1/vul-report/blob/main/Insurance%20Management%20System%20PHP%20and%20MySQL/Insurance%20Management%20System%20PHP%20and%20MySQL%20v1.0%20-%20File%20Inclusion.md
Broken Link
https://vuldb.com/?ctiid.255503
Permissions Required
VDB Entry
https://vuldb.com/?id.255503
Third Party Advisory
VDB Entry
https://github.com/wkeyi0x1/vul-report/blob/main/Insurance%20Management%20System%20PHP%20and%20MySQL/Insurance%20Management%20System%20PHP%20and%20MySQL%20v1.0%20-%20File%20Inclusion.md
Broken Link
https://vuldb.com/?ctiid.255503
Permissions Required
VDB Entry
https://vuldb.com/?id.255503
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:munyweki:insurance_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 17%

0.00054

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-73

NVD-CWE-Other

Связанные уязвимости

GHSA-h3pc-p5gc-rxc4