SourceCodester Human Resource Management System Profile Photo os command injection
CVE-2022-3492

6.3MEDIUM

Key Information:

Vendor: Sourcecodester
Status: Human Resource Management System
Vendor: CVE Published:; 13 October 2022

Summary

A vulnerability classified as critical was found in SourceCodester Human Resource Management System 1.0. This vulnerability affects unknown code of the component Profile Photo Handler. The manipulation of the argument parameter leads to os command injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-210772.

Affected Version(s)

Human Resource Management System 1.0

References

https://vuldb.com/?id.210772

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 13, 2022
Vulnerability Reserved
Oct 13, 2022