A vulnerability was found in jerryhanjj ERP. It has been declared as critical. Affected by this vulnerability is the function uploadImages of the file application/controllers/basedata/inventory.php of the component Commodity Management. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-213451.
References
Link | Resource |
---|---|
https://vuldb.com/?id.213451 | Third Party Advisory |
https://github.com/jerryhanjj/ERP/issues/3 | Exploit Issue Tracking Third Party Advisory |
Configurations
Information
Published : 2022-11-11 00:15
Updated : 2022-11-15 14:18
NVD link : CVE-2022-3944
Mitre link : CVE-2022-3944
JSON object : View
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type
Products Affected
erp_project
- erp