Vulnerability Details CVE-2022-31324
An arbitrary file download vulnerability in the downloadAction() function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.6%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2022-31324
-
cpe:2.3:a:pentasecurity:wapples:4.0.0
-
cpe:2.3:a:pentasecurity:wapples:4.0.54.1
-
cpe:2.3:a:pentasecurity:wapples:5.0.0
-
cpe:2.3:a:pentasecurity:wapples:5.0.0.0
-
cpe:2.3:a:pentasecurity:wapples:5.0.12
-
cpe:2.3:a:pentasecurity:wapples:5.0.12.0
-
cpe:2.3:a:pentasecurity:wapples:6.0.0
-
cpe:2.3:a:pentasecurity:wapples:v6.0.r3.4.10