Lucene search
MitreCVE-2022-40925HistorySep 26, 2022 - 1:15 p.m.
CVE-2022-40925
2022-09-2613:15:11
CWE-434
mitre
web.nvd.nist.gov
37
cve-2022-40925
zoo management system
arbitrary file upload
save_event
events module
background management system
nvd
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
42.9%
Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the “save_event” file of the “Events” module in the background management system.
Affected configurations
Node
phpgurukulzoo_management_systemMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpgurukul | zoo_management_system | 1.0 | cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:* |
Related
prion
prion
Privilege escalation
2022-09-26 13:15:00
cvelist
cvelist
CVE-2022-40925
2022-09-26 12:04:33
cnvd
cnvd
Zoo Management System save_event arbitrary file upload vulnerability
2022-09-28 00:00:00
nvd
nvd
CVE-2022-40925
2022-09-26 13:15:11
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
42.9%
Related for CVE-2022-40925