CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-27960

Insecure permissions configured in the user_id parameter at SysUserController.java of OFCMS v1.1.4 allows attackers to access and arbitrarily modify users' personal information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.2%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 5.5

References

https://gitee.com/oufu/ofcms/issues/I4Z8SS
https://gitee.com/oufu/ofcms/issues/I4Z8SS

Products affected by CVE-2022-27960

Ofcms Project » Ofcms » Version: 1.1.4

cpe:2.3:a:ofcms_project:ofcms:1.1.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-27960

Products

Pricing

Contact Us