CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-24582

Accounting Journal Management 1.0 is vulnerable to XSS-PHPSESSID-Hijacking. The parameter manage_user from User lists is vulnerable to XSS-Stored and PHPSESSID attacks. The malicious user can attack the system by using the already session which he has from inside and outside of the network.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.2%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Accounting-Journal-Management
https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Accounting-Journal-Management

Products affected by CVE-2022-24582

Accounting Journal Management Project » Accounting Journal Management » Version: 1.0

cpe:2.3:a:accounting_journal_management_project:accounting_journal_management:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-24582

Products

Pricing

Contact Us