CVE-2022-3774 · CVEKit

cve.orgen

373 chars

A vulnerability was found in SourceCodester Train Scheduler App 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /train_scheduler_app/?action=delete. The manipulation of the argument id leads to improper control of resource identifiers. The attack may be launched remotely. The identifier of this vulnerability is VDB-212504.

NVDen

373 chars

A vulnerability was found in SourceCodester Train Scheduler App 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /train_scheduler_app/?action=delete. The manipulation of the argument id leads to improper control of resource identifiers. The attack may be launched remotely. The identifier of this vulnerability is VDB-212504.

NVDes

409 chars

Una vulnerabilidad fue encontrada en SourceCodester Train Scheduler App 1.0 y clasificada como crítica. Una función desconocida del archivo /train_scheduler_app/?action=delete es afectada por esta vulnerabilidad. La manipulación del argumento id conduce a un control inadecuado de los identificadores de recursos. El ataque puede lanzarse de forma remota. El identificador de esta vulnerabilidad es VDB-212504

CVSS metrics across sources

4

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
3.1	Primary	cve.org	5.4	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L