Lucene search

[email protected]CVE-2022-2740

HistoryAug 11, 2022 - 5:15 a.m.

CVE-2022-2740

2022-08-1105:15:07

CWE-434

[email protected]

web.nvd.nist.gov

cve-2022-2740

sourcecodester

cms

vulnerability

remote attack

unrestricted upload

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.8%

JSON

A vulnerability was found in SourceCodester Company Website CMS. It has been declared as critical. This vulnerability affects unknown code of the file /dashboard/add-blog.php of the component Add Blog. The manipulation of the argument ufile leads to unrestricted upload. The attack can be initiated remotely. VDB-205882 is the identifier assigned to this vulnerability.

Affected configurations

NVD

Node

company_website_cms_projectcompany_website_cmsMatch-

CPENameOperatorVersion
company_website_cms_project:company_website_cmscompany website cms project company website cmseq-

CPE	Name	Operator	Version
company_website_cms_project:company_website_cms	company website cms project company website cms	eq	-

CNA Affected

[
  {
    "product": "Company Website CMS",
    "vendor": "SourceCodester",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

vuldb.com/?id.205882

Social References

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.8%

JSON

Related for CVE-2022-2740

prion1 nvd1 cvelist1