CVE-2022-1080

{"id": "CVE-2022-1080", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-03-29T06:15:07.753", "references": [{"url": "https://vuldb.com/?id.195442", "tags": ["Third Party Advisory"], "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?id.195442", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "cna@vuldb.com", "description": [{"lang": "en", "value": "CWE-89"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in SourceCodester One Church Management System 1.0. It has been declared as critical. This vulnerability affects code of the file attendancy.php as the manipulation of the argument search2 leads to sql injection. The attack can be initiated remotely."}, {"lang": "es", "value": "Se ha encontrado una vulnerabilidad en SourceCodester One Church Management System 1.0. Ha sido declarada como cr\u00edtica. Esta vulnerabilidad afecta al c\u00f3digo del archivo attendancy.php ya que la manipulaci\u00f3n del argumento search2 conlleva a una inyecci\u00f3n sql. El ataque puede ser iniciado de forma remota"}], "lastModified": "2024-11-21T06:39:59.520", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:one_church_management_system_project:one_church_management_system:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88AE5A24-CC69-47C6-B6C1-8ACFED798B0D"}], "operator": "OR"}]}], "sourceIdentifier": "cna@vuldb.com"}