CVE-2024-2573

Опубликовано: 18 мар. 2024

Источник: nvd

CVSS3: 7.3

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function of the file /task-info.php. The manipulation leads to execution after redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257076.

Ссылки

https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20task-info.php.md
Broken Link
https://vuldb.com/?ctiid.257076
Permissions Required
https://vuldb.com/?id.257076
Permissions Required
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20task-info.php.md
Broken Link
https://vuldb.com/?ctiid.257076
Permissions Required
https://vuldb.com/?id.257076
Permissions Required

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oretnom23:employee_task_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 30%

0.00111

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-698

Связанные уязвимости

GHSA-pwrv-jh4g-7cjw

CVSS3: 7.3

github

почти 2 года назад

EPSS

Процентиль: 30%

0.00111

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-698