Vulnerability Details CVE-2022-47076
An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to view sensitive information via DisplayParallelLogData.aspx.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.103
EPSS Ranking 92.8%
CVSS Severity
CVSS v3 Score 7.5
References
- http://packetstormsecurity.com/files/173093/Smart-Office-Web-20.28-Information-Disclosure-Insecure-Direct-Object-Reference.html
- https://cvewalkthrough.com/smart-office-suite-cve-2022-47076-cve-2022-47075/
- https://cvewalkthrough.com/smart-office-suite-unauthenticated-data-ex/
- https://youtu.be/D42upepxzwM
- http://packetstormsecurity.com/files/173093/Smart-Office-Web-20.28-Information-Disclosure-Insecure-Direct-Object-Reference.html
- https://cvewalkthrough.com/smart-office-suite-cve-2022-47076-cve-2022-47075/
- https://cvewalkthrough.com/smart-office-suite-unauthenticated-data-ex/
- https://youtu.be/D42upepxzwM
Products affected by CVE-2022-47076
-
cpe:2.3:a:smartofficepayroll:smartoffice:*