PT-2022-27109 · Unknown · Book Store Management System
Upasana Bohra · Published 2022-11-30 · Updated 2025-04-24
CVE-2022-44097
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Book Store Management System version 1.0
Description
The issue concerns hardcoded credentials in the system, allowing attackers to escalate privileges and access the admin panel.
Recommendations
For Book Store Management System version 1.0, remove the hardcoded credentials to prevent privilege escalation. Until a proper fix is implemented, restrict access to the admin panel as a temporary workaround to minimize the risk of exploitation.
Exploit
Fix
Using Hardcoded Credentials
Weakness Enumeration
Related Identifiers
Affected Products
Book Store Management System