Description

An issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts.

Related CPE's

a

online_discussion_forum_site_project

online_discussion_forum_site

1.0

Vulnerable

References

https://github.com/bigzooooz/CVE-2022-31294

ExploitThird Party Advisory

https://www.sourcecodester.com/php/15337/online-discussion-forum-site-phpoop-free-source-code.html

ProductThird Party Advisory

Weaknesses

[email protected]

Primary
CWE-352

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

6.5 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2022-06-16T18:15:10.790

3 years ago

Last modified

2022-06-27T17:21:39.240

3 years ago