Vulnerability Details CVE-2022-40295
The application was vulnerable to an authenticated information disclosure, allowing administrators to view unsalted user passwords, which could lead to the compromise of plaintext passwords via offline attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.6%
CVSS Severity
CVSS v3 Score 4.9
References
Products affected by CVE-2022-40295
-
cpe:2.3:a:phppointofsale:php_point_of_sale:19.0