Lucene search

VulDBCVE-2022-2811

HistoryAug 15, 2022 - 11:21 a.m.

CVE-2022-2811

2022-08-1511:21:29

CWE-79

VulDB

web.nvd.nist.gov

cve-2022-2811

sourcecodester

guest management system

remote attack

cross site scripting

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

Confidence

High

EPSS

0.001

Percentile

49.6%

JSON

A vulnerability classified as problematic has been found in SourceCodester Guest Management System. This affects an unknown part of the file myform.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206397 was assigned to this vulnerability.

Affected configurations

Nvd

Node

guest_management_system_projectguest_management_systemMatch-

VendorProductVersionCPE
guest_management_system_projectguest_management_system-cpe:2.3:a:guest_management_system_project:guest_management_system:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
guest_management_system_project	guest_management_system	-	cpe:2.3:a:guest_management_system_project:guest_management_system:-:::::::*

CNA Affected

[
  {
    "product": "Guest Management System",
    "vendor": "SourceCodester",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

s1.ax1x.com/2022/08/13/vtDEFO.png

vuldb.com/?id.206397

Social References

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

Confidence

High

EPSS

0.001

Percentile

49.6%

JSON

Related for CVE-2022-2811