Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-44830

Published: 21/11/2022 Updated: 23/11/2022
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Event Registration Application

Vulnerability Summary

Sourcecodester Event Registration App v1.0 exists to contain multiple CSV injection vulnerabilities via the First Name, Contact and Remarks fields. These vulnerabilities allow malicious users to execute arbitrary code via a crafted excel file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

event registration application project event registration application 1.0

Github Repositories

https://github.com/RashidKhanPathan/CVE-2022-44830

[Suggested description] Sourcecodester Event Registration App v10 was discovered to contain multiple CSV injection vulnerabilities via the First Name, Contact and Remarks fields These vulnerabilities allow attackers to execute arbitrary code via a crafted excel file [Additional Information] Proof of Concept: drivegooglecom/file/d/17rSb8GLFPQfqnVFI56AYffbVMDg8z75t/

References

CWE-1236https://github.com/RashidKhanPathan/CVE-2022-44830https://nvd.nist.govhttps://github.com/RashidKhanPathan/CVE-2022-44830
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002CVE-2006-4304CVE-2024-4336CVE-2024-33437CVE-2024-4340CVE-2024-27956privilegeinsecure direct object referenceXSSitem search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook