{"containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "College Management System v1.0", "vendor": "College Management", "versions": [{"lessThan": " Upgrade to the latest version.", "status": "affected", "version": "All versions", "versionType": "git"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Liav Gutman"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">College Management System v1.0 - Authenticated remote code execution.</span><br><span style=\"background-color: rgb(255, 255, 255);\">An admin user (the authentication can be bypassed using SQL Injection that mentioned in my other report) can upload</span><br><span style=\"background-color: rgb(255, 255, 255);\">.php file that contains malicious code via student.php file.</span>\n\n"}], "value": "\nCollege Management System v1.0 - Authenticated remote code execution.\nAn admin user (the authentication can be bypassed using SQL Injection that mentioned in my other report) can upload\n.php file that contains malicious code via student.php file.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"description": "Authenticated remote code execution", "lang": "en"}]}], "providerMetadata": {"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f", "shortName": "INCD", "dateUpdated": "2023-10-25T13:18:21.458Z"}, "references": [{"url": "https://www.gov.il/en/Departments/faq/cve_advisories"}], "source": {"advisory": "ILVN-2022-0060", "discovery": "UNKNOWN"}, "title": "College Management System v1.0 - Authenticated remote code execution", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}, "cveMetadata": {"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f", "cveId": "CVE-2022-39179", "serial": 1, "state": "PUBLISHED", "dateUpdated": "2023-10-25T13:18:21.458Z", "dateReserved": "2022-09-02T00:00:00", "datePublished": "2022-11-17T22:27:55.603007Z", "assignerShortName": "INCD"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:college_management_system_project:college_management_system:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3ADB4C9F-1230-4F3E-9E79-15F80FE25866", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "\nCollege Management System v1.0 - Authenticated remote code execution.\nAn admin user (the authentication can be bypassed using SQL Injection that mentioned in my other report) can upload\n.php file that contains malicious code via student.php file.\n\n"}, {"lang": "es", "value": "College Management System v1.0: ejecuci\u00f3n remota de c\u00f3digo autenticado. Un usuario administrador (la autenticaci\u00f3n se puede omitir mediante la inyecci\u00f3n SQL que mencion\u00e9 en mi otro informe) puede cargar un archivo .php que contenga c\u00f3digo malicioso a trav\u00e9s del archivo Student.php."}], "id": "CVE-2022-39179", "lastModified": "2023-10-25T18:17:15.373", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "cna@cyber.gov.il", "type": "Secondary"}]}, "published": "2022-11-17T23:15:18.490", "references": [{"source": "cna@cyber.gov.il", "url": "https://www.gov.il/en/Departments/faq/cve_advisories"}], "sourceIdentifier": "cna@cyber.gov.il", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}