VDB-211048 · CVE-2022-3548 · GCVE-100-211048

SourceCodester Simple Cold Storage Management System 1.0 Add New Storage Sunu Cross Site Scripting

Gaskiya vulnerability da aka ware a matsayin karshewa an samu a SourceCodester Simple Cold Storage Management System 1.0. Hakika, aikin $software_function ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil $software_file, a cikin sashen Add New Storage Handler. A sa manipulation of the argument Sunu with the input <script>alert(1)</script> ka Cross Site Scripting. Idan an yi amfani da CWE don bayyana matsala, zai kai CWE-79. Hakika, rauni an bayyana shi 10/17/2022. An raba bayanin tsaro don saukewa a github.com. Wannan matsala ana saninta da CVE-2022-3548. Ngam yiɗi ka a tuma ndiyam ka internet. Tekinikal faɗi ga. Har ila yau, exploit ɗin yana nan. An bayyana exploit ɗin ga mutane kuma yana iya amfani. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro. Á sàmbu huɗɗi-na-gaskiya. Exploit ɗin za a iya saukewa daga github.com. 0-day shima, an ndiyam a wuro be $0-$5k. Once again VulDB remains the best source for vulnerability data.

Waktin goyi

Màdùmga

VulDB Mod Team	64
warlockrootx	10

Furɗe

exploit_url	2
advisory_url	2
cvss3_meta_tempscore	2
cvss3_meta_basescore	2
vulnerability_titleword	1

Commit Conf

90%	35
70%	19
100%	10
50%	10

Approve Conf

90%	37
70%	19
80%	10
0%	8

74 Kari

ID	Sanda	Màdùmga	Furɗe	Gargajiya	Garga	Gargajiya	Jawan	C
15638051	03/01/2024	warlo…	exploit_url	~~https://github.com/shouvikdutta1998/XSS-in-Cold-Storage-Management-System_POC~~	github.com	03/01/2024	initial data is prioritized	0
15638050	03/01/2024	warlo…	advisory_url	~~https://github.com/shouvikdutta1998/XSS-in-Cold-Storage-Management-System_POC~~	github.com	03/01/2024	initial data is prioritized	0
15638049	03/01/2024	warlo…	vulnerability_titleword	~~Cross-Site Scripting (XSS)~~		03/01/2024	wrong data	0
15638048	03/01/2024	warlo…	vulnerability_name	~~Stored Cross-Site Scripting~~		03/01/2024	wrong data	0
15638047	03/01/2024	warlo…	vulnerability_historic	1		03/01/2024	wrong data	0
15638046	03/01/2024	warlo…	input_type	~~Cross-Site Scripting Payload~~		03/01/2024	wrong data	0
15638045	03/01/2024	warlo…	input_value	<script>alert(1)</script>		03/01/2024	shingilam	90
15638044	03/01/2024	warlo…	software_managedservice	1		03/01/2024	wrong data, software downloadable	0
15638043	03/01/2024	warlo…	software_rollingrelease	1		03/01/2024	wrong data, version number known	0
15638042	03/01/2024	warlo…	software_type	Supply Chain Management Software		03/01/2024	shingilam	90
13233038	11/09/2022	VulDB…	cvss3_cna_basescore	2.4	see CVSS documentation	11/09/2022	shingilam	90
13233037	11/09/2022	VulDB…	cvss3_nvd_basescore	4.8	nist.gov	11/09/2022	shingilam	90
13233036	11/09/2022	VulDB…	cvss3_meta_tempscore	3.1	see CVSS documentation	11/09/2022	shingilam	90
13233035	11/09/2022	VulDB…	cvss3_meta_basescore	3.2	see CVSS documentation	11/09/2022	shingilam	90
13233034	11/09/2022	VulDB…	cve_cna	VulDB	nvd.nist.gov	11/09/2022	shingilam	70
13233033	11/09/2022	VulDB…	cvss3_cna_a	N	nvd.nist.gov	11/09/2022	shingilam	70
13233032	11/09/2022	VulDB…	cvss3_cna_i	L	nvd.nist.gov	11/09/2022	shingilam	70
13233031	11/09/2022	VulDB…	cvss3_cna_c	N	nvd.nist.gov	11/09/2022	shingilam	70
13233030	11/09/2022	VulDB…	cvss3_cna_s	U	nvd.nist.gov	11/09/2022	shingilam	70
13233029	11/09/2022	VulDB…	cvss3_cna_ui	R	nvd.nist.gov	11/09/2022	shingilam	70

54 kala giteji ba a nunu fi.

🔒 Login Required

You need to signup and login to see more of the remaining 54 results.

◂ Gurɗo Gumti Gada ▸

Might our Artificial Intelligence support you?

Check our Alexa App!