CVE-2022-2019

Published: Jun 9, 2022Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A vulnerability classified as critical was found in SourceCodester Prison Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Users.php?f=save of the component New User Creation. The manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Affected (1)

Products: Prison Management System Project: Prison Management System

Prison Management System Project

1 product

Prison Management System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Prison Management System Project Prison Management System	Version 1.0

Related CWEs

Improper Authorization

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

References (4)

https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System--.md

Source: cna@vuldb.com

ExploitThird Party Advisory

https://vuldb.com/?id.201367

Source: cna@vuldb.com

Third Party Advisory

https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Prison%20Management%20System--.md

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://vuldb.com/?id.201367

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.