CVE-2022-1837

Published: May 24, 2022Modified: Jun 17, 2026

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

A vulnerability was found in Home Clean Services Management System 1.0. It has been rated as critical. Affected by this issue is register.php?link=registerand. The manipulation with the input <?php phpinfo();?> leads to code execution. The attack may be launched remotely but demands an authentication. Exploit details have been disclosed to the public.

Affected (1)

Products: Home Clean Services Management System Project: Home Clean Services Management System

Home Clean Services Management System Project

1 product

Home Clean Services Management System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Home Clean Services Management System Project Home Clean Services Management System	Version 1.0

Related CWEs

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (4)

https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/Home%20Clean%20Services%20Management%20System/HCS_add_register.php_File_Upload_Getshell.md

Source: cna@vuldb.com

ExploitThird Party Advisory

https://vuldb.com/?id.200582

Source: cna@vuldb.com

Third Party Advisory

https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/Home%20Clean%20Services%20Management%20System/HCS_add_register.php_File_Upload_Getshell.md

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://vuldb.com/?id.200582

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.