CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-26247

TMS v2.28.0 contains an insecure permissions vulnerability via the component /TMS/admin/user/Update2. This vulnerability allows attackers to modify the administrator account and password.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.9%

CVSS Severity

CVSS v3 Score 5.9

CVSS v2 Score 4.3

References

https://github.com/xiweicheng/tms/issues/16
https://github.com/xiweicheng/tms/issues/16

Products affected by CVE-2022-26247

Teamwork Management System Project » Teamwork Management System » Version: 2.28.0

cpe:2.3:a:teamwork_management_system_project:teamwork_management_system:2.28.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-26247

Products

Pricing

Contact Us