3 matches found
CVE-2022-25402
An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files...
CVE-2022-25402
An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files...
CVE-2022-25402
CVE-2022-25402 describes an improper access-control flaw in HMS v1.0 that allows unauthenticated attackers to read and modify all PHP files. The root cause is an incorrect access-control mechanism that fails to limit access to sensitive PHP assets. Affected product: HMS v1.0 (as per multiple sour...