{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-4232","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","assignerShortName":"VulDB","dateUpdated":"2024-08-03T01:34:49.949Z","dateReserved":"2022-11-30T00:00:00.000Z","datePublished":"2022-11-30T00:00:00.000Z"},"containers":{"cna":{"title":"SourceCodester Event Registration System unrestricted upload","providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2022-11-30T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"A vulnerability, which was classified as critical, was found in SourceCodester Event Registration System 1.0. Affected is an unknown function. The manipulation of the argument cmd leads to unrestricted upload. It is possible to launch the attack remotely. VDB-214590 is the identifier assigned to this vulnerability."}],"affected":[{"vendor":"SourceCodester","product":"Event Registration System","versions":[{"version":"1.0","status":"affected"}]}],"references":[{"url":"https://vuldb.com/?id.214590"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW","baseScore":4.7,"baseSeverity":"MEDIUM"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-266 Incorrect Privilege Assignment -> CWE-284 Improper Access Controls -> CWE-434 Unrestricted Upload","cweId":"CWE-266"}]}],"x_generator":"vuldb.com"},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T01:34:49.949Z"},"title":"CVE Program Container","references":[{"url":"https://vuldb.com/?id.214590","tags":["x_transferred"]}]}]}}