A vulnerability classified as critical was found in SourceCodester Gas Agency Management System. Affected by this vulnerability is an unknown functionality of the file /gasmark/assets/myimages/oneWord.php. The manipulation of the argument shell leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206173 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/Drun1baby/CVE_Pentest/blob/main/Gas%20Agency%20Management%20System%20CMS/images/oneWorld.png | Exploit Third Party Advisory |
https://vuldb.com/?id.206173 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
16 Aug 2022, 17:51
Type | Values Removed | Values Added |
---|---|---|
First Time |
Gas Agency Management System Project
Gas Agency Management System Project gas Agency Management System |
|
References | (N/A) https://vuldb.com/?id.206173 - Third Party Advisory | |
References | (N/A) https://github.com/Drun1baby/CVE_Pentest/blob/main/Gas%20Agency%20Management%20System%20CMS/images/oneWorld.png - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CPE | cpe:2.3:a:gas_agency_management_system_project:gas_agency_management_system:-:*:*:*:*:*:*:* |
12 Aug 2022, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-12 10:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-2779
Mitre link : CVE-2022-2779
CVE.ORG link : CVE-2022-2779
JSON object : View
Products Affected
gas_agency_management_system_project
- gas_agency_management_system
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type