CVE-2022-3549
SourceCodester Simple Cold Storage Management System Avatar unrestricted upload
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 4.7EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
17 out 2022Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /csms/admin/?page=user/manage_user of the component Avatar Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-211049 was assigned to this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Produtos afetados
SourceCodester · Simple Cold Storage Management SystemQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →