PT-2022-26310 · Unknown · Simple Exam Reviewer Management System

Ciph0X01

Published

2022-10-20

Updated

2025-05-08

CVE-2022-42201

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Simple Exam Reviewer Management System version 1.0

Description The issue concerns an insecure file upload in the Simple Exam Reviewer Management System. This allows for potential malicious file uploads, which could lead to various security issues.

Recommendations For Simple Exam Reviewer Management System version 1.0, consider restricting or disabling file upload functionality until a proper fix is implemented to secure the file upload process.

Exploit

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2022-42201

Affected Products

Simple Exam Reviewer Management System

PT-2022-26310 · Unknown · Simple Exam Reviewer Management System

CVE-2022-42201

Weakness Enumeration

Related Identifiers

Affected Products

References · 6