CVE-2022-40924

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Zoo Management System version 1.0

Description The issue is related to an arbitrary file upload vulnerability in the picture upload point of the "save animal" file of the "Animals" module in the background management system.

Recommendations For Zoo Management System version 1.0, consider disabling the picture upload functionality in the "save animal" file of the "Animals" module until a patch is available. Restrict access to the "save animal" file to minimize the risk of exploitation. Avoid using the picture upload point in the affected module until the issue is resolved.

Exploit

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2022-40924

Affected Products

Zoo Management System

CVE-2022-40924

Weakness Enumeration

Related Identifiers

Affected Products

References · 8