Vulnerability Details CVE-2022-1837
A vulnerability was found in Home Clean Services Management System 1.0. It has been rated as critical. Affected by this issue is register.php?link=registerand. The manipulation with the input <?php phpinfo();?> leads to code execution. The attack may be launched remotely but demands an authentication. Exploit details have been disclosed to the public.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.3%
CVSS Severity
CVSS v3 Score 4.7
CVSS v2 Score 6.5
References
- https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/Home%20Clean%20Services%20Management%20System/HCS_add_register.php_File_Upload_Getshell.md
- https://vuldb.com/?id.200582
- https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/Home%20Clean%20Services%20Management%20System/HCS_add_register.php_File_Upload_Getshell.md
- https://vuldb.com/?id.200582
Products affected by CVE-2022-1837
-
Home Clean Services Management System Project » Home Clean Services Management System » Version: 1.0cpe:2.3:a:home_clean_services_management_system_project:home_clean_services_management_system:1.0