SourceCodester Web-Based Student Clearance System 1.0 Photo edit-photo.php privilege escalation

A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. Affected is an unknown function of the file edit-photo.php of the component Photo Handler. The manipulation leads to privilege escalation. Using CWE to declare the problem leads to CWE-434. The bug was discovered on 09/10/2022. The weakness was disclosed on 10/09/2022 by Akash Pandey (l3v1ath0n) as a Blog Post (Medium). The advisory is available for download at medium.com. The public release happened without coordination with the vendor. This vulnerability is handled as CVE-2022-3436. The attack can be launched remotely. Technical details are available. Furthermore, an exploit is available. The exploit has been disclosed to the public and may be used. The current price for an exploit might be approx. USD $0-$5k. It is declared as proof-of-concept. The exploit can be downloaded from packetstormsecurity.com. The vulnerability was handled as a non-public zero-day exploit for more than 29 days. As a 0-day, the estimated underground price was around $0-$5k.

6 adaptations · 72 points

| Field | Update 1/5 (10/09/2022 10:42 AM) | Update 2/5 (10/09/2022 02:37 PM) | Update 3/5 (10/11/2022 10:30 AM) | Update 4/5 (10/31/2022 02:15 PM) | Update 5/5 (06/20/2024 10:26 AM) |
|---|---|---|---|---|---|
| software_vendor | SourceCodester | SourceCodester | SourceCodester | SourceCodester | SourceCodester |
| software_name | Web-Based Student Clearance System | Web-Based Student Clearance System | Web-Based Student Clearance System | Web-Based Student Clearance System | Web-Based Student Clearance System |
| software_version | 1.0 | 1.0 | 1.0 | 1.0 | 1.0 |
| software_component | Photo Handler | Photo Handler | Photo Handler | Photo Handler | Photo Handler |
| software_file | edit-photo.php | edit-photo.php | edit-photo.php | edit-photo.php | edit-photo.php |
| vulnerability_cwe | CWE-434 (privilege escalation) | CWE-434 (privilege escalation) | CWE-434 (privilege escalation) | CWE-434 (privilege escalation) | CWE-434 (privilege escalation) |
| vulnerability_risk | 2 | 2 | 2 | 2 | 2 |
| cvss3_vuldb_av | N | N | N | N | N |
| cvss3_vuldb_ac | L | L | L | L | L |
| cvss3_vuldb_pr | L | L | L | L | L |
| cvss3_vuldb_ui | N | N | N | N | N |
| cvss3_vuldb_s | U | U | U | U | U |
| cvss3_vuldb_c | L | L | L | L | L |
| cvss3_vuldb_i | L | L | L | L | L |
| cvss3_vuldb_a | L | L | L | L | L |
| source_cve | CVE-2022-3436 | CVE-2022-3436 | CVE-2022-3436 | CVE-2022-3436 | CVE-2022-3436 |
| cna_responsible | VulDB | VulDB | VulDB | VulDB | VulDB |
| advisory_date | 1665266400 (10/09/2022) | 1665266400 (10/09/2022) | 1665266400 (10/09/2022) | 1665266400 (10/09/2022) | 1665266400 (10/09/2022) |
| cvss2_vuldb_av | N | N | N | N | N |
| cvss2_vuldb_ac | L | L | L | L | L |
| cvss2_vuldb_ci | P | P | P | P | P |
| cvss2_vuldb_ii | P | P | P | P | P |
| cvss2_vuldb_ai | P | P | P | P | P |
| cvss2_vuldb_au | S | S | S | S | S |
| cvss2_vuldb_e | ND | ND | ND | ND | POC |
| cvss2_vuldb_rl | ND | ND | ND | ND | ND |
| cvss2_vuldb_rc | ND | ND | ND | ND | ND |
| cvss3_vuldb_e | X | X | X | X | P |
| cvss3_vuldb_rl | X | X | X | X | X |
| cvss3_vuldb_rc | X | X | X | X | X |
| cvss2_vuldb_basescore | 6.5 | 6.5 | 6.5 | 6.5 | 6.5 |
| cvss2_vuldb_tempscore | 6.5 | 6.5 | 6.5 | 6.5 | 5.9 |
| cvss3_vuldb_basescore | 6.3 | 6.3 | 6.3 | 6.3 | 6.3 |
| cvss3_vuldb_tempscore | 6.3 | 6.3 | 6.3 | 6.3 | 6.0 |
| cvss3_meta_basescore | 6.3 | 6.3 | 6.3 | 6.3 | 6.3 |
| cvss3_meta_tempscore | 6.3 | 6.3 | 6.3 | 6.3 | 6.0 |
| price_0day | $0-$5k | $0-$5k | $0-$5k | $0-$5k | $0-$5k |
| person_name | Akash Pandey | Akash Pandey | Akash Pandey | Akash Pandey | Akash Pandey |
| person_nickname | l3v1ath0n | l3v1ath0n | l3v1ath0n | l3v1ath0n | l3v1ath0n |
| person_mail | akashpandey380@*****.*** | akashpandey380@*****.*** | akashpandey380@*****.*** | akashpandey380@*****.*** | akashpandey380@*****.*** |
| person_website | https://github.com/1337-L3V1ATH0N | https://github.com/1337-L3V1ATH0N | https://github.com/1337-L3V1ATH0N | https://github.com/1337-L3V1ATH0N | https://github.com/1337-L3V1ATH0N |
| advisory_type | | Blog Post | Blog Post | Blog Post | Blog Post |
| advisory_url | | https://medium.com/@akashpandey380/web-based-student-clearance-v1-0-e2548d35188b | https://medium.com/@akashpandey380/web-based-student-clearance-v1-0-e2548d35188b | https://medium.com/@akashpandey380/web-based-student-clearance-v1-0-e2548d35188b | https://medium.com/@akashpandey380/web-based-student-clearance-v1-0-e2548d35188b |
| exploit_url | | https://medium.com/@akashpandey380/web-based-student-clearance-v1-0-e2548d35188b | https://packetstormsecurity.com/files/168667/Web-Based-Student-Clearance-1.0-Shell-Upload.html | https://packetstormsecurity.com/files/168667/Web-Based-Student-Clearance-1.0-Shell-Upload.html | https://packetstormsecurity.com/files/168667/Web-Based-Student-Clearance-1.0-Shell-Upload.html |
| advisory_location | | Medium | Medium | Medium | Medium |
| advisory_coordination | | 0 | 0 | 0 | 0 |
| exploit_googlehack | | inurl:edit-photo.php | inurl:edit-photo.php | inurl:edit-photo.php | inurl:edit-photo.php |
| vulnerability_discoverydate | | 1662760800 (09/10/2022) | 1662760800 (09/10/2022) | 1662760800 (09/10/2022) | 1662760800 (09/10/2022) |
| exploit_publicity | | | 1 | 1 | 1 |
| exploit_availability | | | 1 | 1 | 1 |
| cve_nvd_summary | | | | A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file edit-photo.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-210367. | A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file edit-photo.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-210367. |
| cvss4_vuldb_e | | | | | P |
| cvss4_vuldb_av | | | | | N |
| cvss4_vuldb_ac | | | | | L |
| cvss4_vuldb_pr | | | | | L |
| cvss4_vuldb_ui | | | | | N |
| cvss4_vuldb_vc | | | | | L |
| cvss4_vuldb_vi | | | | | L |
| cvss4_vuldb_va | | | | | L |
| cvss4_vuldb_at | | | | | N |
| cvss4_vuldb_sc | | | | | N |
| cvss4_vuldb_si | | | | | N |
| cvss4_vuldb_sa | | | | | N |
| cvss4_vuldb_bscore | | | | | 5.3 |
| cvss4_vuldb_btscore | | | | | 2.1 |
