CVE-2022-4228

MEDIUM 5.3

SourceCodester Book Store Management System information disclosure

CVSS Score

5.3

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability classified as problematic has been found in SourceCodester Book Store Management System 1.0. This affects an unknown part of the file /bsms_ci/index.php/user/edit_user/. The manipulation of the argument password leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214587.

CWE	CWE-200
Vendor	sourcecodester
Product	book store management system
Published	Nov 30, 2022
Last Updated	Nov 19, 2024

Stay Ahead of the Next One

Get instant alerts for sourcecodester book store management system

Be the first to know when new medium vulnerabilities affecting sourcecodester book store management system are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

SourceCodester / Book Store Management System

1.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.214587 vuldb.com: https://vuldb.com/?ctiid.214587 github.com: https://github.com/lithonn/bug-report/tree/main/vendors/oretnom23/bsms_ci/passwd-hash

Credits

Ngo Van Tu Le Thi Huyen My Tran Thi Nho leecybersec (VulDB User)