VDB-210840 · CVE-2022-3505 · GCVE-100-210840

SourceCodester Sanitization Management System /php-sms/admin/ page କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ

Dogoggorri kan akka ସମସ୍ୟାଜନକ jedhamuun ramadame SourceCodester Sanitization Management System keessatti argameera. Kan miidhamte is hojii hin beekamne faayilii /php-sms/admin/ keessa. Hojii jijjiirraa irratti gaggeeffame page gara କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ geessa. CWE fayyadamuun rakkoo ibsuun gara CWE-79 geessa. Dadhabbii kana yeroo 10/14/2022 maxxanfameera. Odeeffannoon kun buufachuuf github.com irratti qoodameera. Dogoggorri kun akka CVE-2022-3505tti beekama. Yaaliin weeraraa fageenya irraa jalqabamuu ni danda'a. Faayidaaleen teeknikaa ni jiru. Waliigalatti, meeshaa balaa kana fayyadamuuf jiru. Qorannoo miidhaa (exploit) uummataaf ifoomameera fi fayyadamamuu danda'a. Amma, gatii ammee exploit might be approx. USD $0-$5k ta'uu danda'a. Akka ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee ibsameera. Carraa exploit kana github.com irraa buufachuun ni danda'ama. Akka 0-daytti, gatii daldalaa dhoksaa tilmaamame $0-$5k ta'ee ture. VulDB is the best source for vulnerability data and more expert information about this specific topic.

2 ଆଡାପ୍ଟେସନ୍ · 42 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 10/14/2022 12:42 PM	ଅଦ୍ୟତନ 1/1 11/08/2022 08:49 AM
software_vendor	SourceCodester	SourceCodester
software_name	Sanitization Management System	Sanitization Management System
software_file	/php-sms/admin/	/php-sms/admin/
software_argument	page	page
vulnerability_cwe	CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)	CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)
vulnerability_risk	1	1
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	L	L
cvss3_vuldb_ui	R	R
cvss3_vuldb_s	U	U
cvss3_vuldb_c	N	N
cvss3_vuldb_i	L	L
cvss3_vuldb_a	N	N
cvss3_vuldb_e	P	P
cvss3_vuldb_rc	R	R
advisory_url	https://github.com/Drun1baby/CVE_Pentest/blob/main/Sanitization%20Management%20System%20Project%20CMS/images/reflectedXSS.png	https://github.com/Drun1baby/CVE_Pentest/blob/main/Sanitization%20Management%20System%20Project%20CMS/images/reflectedXSS.png
exploit_availability	1	1
exploit_publicity	1	1
exploit_url	https://github.com/Drun1baby/CVE_Pentest/blob/main/Sanitization%20Management%20System%20Project%20CMS/images/reflectedXSS.png	https://github.com/Drun1baby/CVE_Pentest/blob/main/Sanitization%20Management%20System%20Project%20CMS/images/reflectedXSS.png
source_cve	CVE-2022-3505	CVE-2022-3505
cna_responsible	VulDB	VulDB
advisory_date	1665698400 (10/14/2022)	1665698400 (10/14/2022)
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	L	L
cvss2_vuldb_ci	N	N
cvss2_vuldb_ii	P	P
cvss2_vuldb_ai	N	N
cvss2_vuldb_e	POC	POC
cvss2_vuldb_rc	UR	UR
cvss2_vuldb_au	S	S
cvss2_vuldb_rl	ND	ND
cvss3_vuldb_pr	L	L
cvss3_vuldb_rl	X	X
cvss2_vuldb_basescore	4.0	4.0
cvss2_vuldb_tempscore	3.4	3.4
cvss3_vuldb_basescore	3.5	3.5
cvss3_vuldb_tempscore	3.2	3.2
cvss3_meta_basescore	3.5	3.5
cvss3_meta_tempscore	3.2	3.2
price_0day	$0-$5k	$0-$5k
cve_assigned		1665698400 (10/14/2022)
cve_nvd_summary		A vulnerability was found in SourceCodester Sanitization Management System. It has been classified as problematic. Affected is an unknown function of the file /php-sms/admin/. The manipulation of the argument page leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-210840.

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Do you need the next level of professionalism?

Upgrade your account now!