SourceCodester Book Store Management System index.php access control
CVE-2022-4229

7.3HIGH

Key Information:

Vendor
Sourcecodester
Status
Book Store Management System
Vendor
CVE Published:
30 November 2022

Summary

A vulnerability classified as critical was found in SourceCodester Book Store Management System 1.0. This vulnerability affects unknown code of the file /bsms_ci/index.php. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214588.

Affected Version(s)

Book Store Management System 1.0

References

https://vuldb.com/?id.214588
vdb-entry
https://vuldb.com/?ctiid.214588
signaturepermissions-required
https://github.com/lithonn/bug-report/tree/main/vendors/o...
exploit

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Ngo Van Tu
Huynh Nhat Hao
leecybersec (VulDB User)
.