CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-34002

The ‘document’ parameter of PDS Vista 7’s /application/documents/display.aspx page is vulnerable to a Local File Inclusion vulnerability which allows an low-privileged authenticated attacker to leak the configuration files and source code of the web application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.1%

CVSS Severity

CVSS v3 Score 6.5

References

https://assura.atlassian.net/wiki/spaces/VULNS/pages/1843134469/CVE-2022-34002+Personnel+Data+Systems+PDS+Vista+7+-+Local+File+Inclusion
https://assurainc.com
https://assura.atlassian.net/wiki/spaces/VULNS/pages/1843134469/CVE-2022-34002+Personnel+Data+Systems+PDS+Vista+7+-+Local+File+Inclusion
https://assurainc.com

Products affected by CVE-2022-34002

Pdssoftware » Pds Vista 7 » Version: Any

cpe:2.3:a:pdssoftware:pds_vista_7:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-34002

Products

Pricing

Contact Us