SourceCodester Event Registration System 1.0 cmd escalada de privilegios

ArtículoHistoryDiffjsonxmlCTI

Una vulnerabilidad ha sido encontrada en SourceCodester Event Registration System 1.0 y clasificada como crítica. Una función desconocida es afectada por esta vulnerabilidad. A través de la manipulación del parámetro cmd de un input desconocido se causa una vulnerabilidad de clase escalada de privilegios. El advisory puede ser descargado de vuldb.com. La vulnerabilidad es identificada como CVE-2022-4232. El ataque puede ser realizado a través de la red. Los detalles técnicos son conocidos. Fue declarado como proof-of-concept. Una solución posible ha sido publicada incluso antes y no después de la publicación de la vulnerabilidad.

Campo	2022-11-30 11:55	2022-12-24 18:43	2022-12-24 18:51
vendor	SourceCodester	SourceCodester	SourceCodester
name	Event Registration System	Event Registration System	Event Registration System
version	1.0	1.0	1.0
argument	cmd	cmd	cmd
cwe	434 (escalada de privilegios)	434 (escalada de privilegios)	434 (escalada de privilegios)
risk	2	2	2
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	H	H	H
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
cvss3_vuldb_e	P	P	P
cvss3_vuldb_rc	R	R	R
availability	1	1	1
cve	CVE-2022-4232	CVE-2022-4232	CVE-2022-4232
responsible	VulDB	VulDB	VulDB
date	1669762800 (2022-11-30)	1669762800 (2022-11-30)	1669762800 (2022-11-30)
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_au	M	M	M
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_e	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR
cvss2_vuldb_rl	ND	ND	ND
cvss3_vuldb_rl	X	X	X
cvss2_vuldb_basescore	5.8	5.8	5.8
cvss2_vuldb_tempscore	5.0	5.0	5.0
cvss3_vuldb_basescore	4.7	4.7	4.7
cvss3_vuldb_tempscore	4.3	4.3	4.3
cvss3_meta_basescore	4.7	4.7	6.4
cvss3_meta_tempscore	4.3	4.3	6.3
price_0day	$0-$5k	$0-$5k	$0-$5k
url		https://vuldb.com/?id.214590	https://vuldb.com/?id.214590
cve_assigned		1669762800 (2022-11-30)	1669762800 (2022-11-30)
cve_nvd_summary		A vulnerability, which was classified as critical, was found in SourceCodester Event Registration System 1.0. Affected is an unknown function. The manipulation of the argument cmd leads to unrestricted upload. It is possible to launch the attack remotely. VDB-214590 is the identifier assigned to this vulnerability.	A vulnerability, which was classified as critical, was found in SourceCodester Event Registration System 1.0. Affected is an unknown function. The manipulation of the argument cmd leads to unrestricted upload. It is possible to launch the attack remotely. VDB-214590 is the identifier assigned to this vulnerability.
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			N
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			H
cvss3_nvd_i			H
cvss3_nvd_a			H
cvss3_cna_av			N
cvss3_cna_ac			L
cvss3_cna_pr			H
cvss3_cna_ui			N
cvss3_cna_s			U
cvss3_cna_c			L
cvss3_cna_i			L
cvss3_cna_a			L
cve_cna			VulDB
cvss3_nvd_basescore			9.8
cvss3_cna_basescore			4.7

◂ Anterior Visión de conjunto Próximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!