Facepay 1.0 camera.php userId privilegier eskalering

InträdeHistoryDiffjsonxmlCTI

I Facepay 1.0 var en kritisksvag punkt finns. Som påverkar en okänd funktion filen /face-recognition-php/facepay-master/camera.php. Manipulering av argumenten userId en okänd ingång leder till en sårbarhet klass privilegier eskalering svag punkt. Den rådgivande finns tillgänglig för nedladdning på vuldb.com. Denna svaga punkt är känd som CVE-2022-4281. Attacken på nätet kan. Det finns tekniska detaljer känd. Han deklarerade proof-of-concept. En möjlig åtgärd har utfärdats före och inte efter offentliggörandet.

Fält	05/12/2022 07:59	26/12/2022 09:11	26/12/2022 09:13
name	Facepay	Facepay	Facepay
version	1.0	1.0	1.0
file	/face-recognition-php/facepay-master/camera.php	/face-recognition-php/facepay-master/camera.php	/face-recognition-php/facepay-master/camera.php
argument	userId	userId	userId
cwe	639 (privilegier eskalering)	639 (privilegier eskalering)	639 (privilegier eskalering)
risk	2	2	2
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
cvss3_vuldb_e	P	P	P
cvss3_vuldb_rc	R	R	R
availability	1	1	1
cve	CVE-2022-4281	CVE-2022-4281	CVE-2022-4281
responsible	VulDB	VulDB	VulDB
date	1670194800 (05/12/2022)	1670194800 (05/12/2022)	1670194800 (05/12/2022)
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_e	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR
cvss2_vuldb_au	S	S	S
cvss2_vuldb_rl	ND	ND	ND
cvss3_vuldb_rl	X	X	X
cvss2_vuldb_basescore	6.5	6.5	6.5
cvss2_vuldb_tempscore	5.6	5.6	5.6
cvss3_vuldb_basescore	6.3	6.3	6.3
cvss3_vuldb_tempscore	5.7	5.7	5.7
cvss3_meta_basescore	6.3	6.3	7.1
cvss3_meta_tempscore	5.7	5.7	6.9
price_0day	$0-$5k	$0-$5k	$0-$5k
url		https://vuldb.com/?id.214789	https://vuldb.com/?id.214789
cve_assigned		1670194800 (05/12/2022)	1670194800 (05/12/2022)
cve_nvd_summary		A vulnerability has been found in Facepay 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /face-recognition-php/facepay-master/camera.php. The manipulation of the argument userId leads to authorization bypass. The attack can be launched remotely. The identifier VDB-214789 was assigned to this vulnerability.	A vulnerability has been found in Facepay 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /face-recognition-php/facepay-master/camera.php. The manipulation of the argument userId leads to authorization bypass. The attack can be launched remotely. The identifier VDB-214789 was assigned to this vulnerability.
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			L
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			H
cvss3_nvd_i			H
cvss3_nvd_a			H
cvss3_cna_av			N
cvss3_cna_ac			L
cvss3_cna_pr			L
cvss3_cna_ui			N
cvss3_cna_s			U
cvss3_cna_c			L
cvss3_cna_i			L
cvss3_cna_a			L
cve_cna			VulDB
cvss3_nvd_basescore			8.8
cvss3_cna_basescore			6.3

◂ Tidigare Översikt Nästa ▸

Interested in the pricing of exploits?

See the underground prices here!