CVE-2022-22790

Published at:
2022-01-28T20:15:12.557
Source: [email protected]

Global infos:

SYNEL - eharmony Directory Traversal. Directory Traversal - is an attack against a server or a Web application aimed at unauthorized access to the file system. on the "Name" parameter the attacker can return to the root directory and open the host file. The path exposes sensitive files that users upload

CVE Status: Modified

References:

  • [email protected]
  • af854a3a-2127-422b-91ae-364da2661108
    •

    Metrics:

    AttributeValue
    Attack ComplexityLOW
    Attack VectorLOCAL
    Availability ImpactNONE
    Base Score5.6
    Base SeverityMEDIUM
    Confidentiality ImpactHIGH
    Integrity ImpactLOW
    Privileges RequiredLOW
    ScopeUNCHANGED
    User InteractionREQUIRED
    Vector StringCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N
    Exploitability Score1.3
    Impact Score4.2
    Source[email protected]
    TypeSecondary

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords