CVE-2022-1084

CWE-287 — Improper Authentication CWE-7645 documents5 sources

Severity

9.8CRITICAL

EPSS

0.4%

top 41.46%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sourcecodester ONE Church Management System ONE Church Management System Project ONE Church Management System

Timeline

PublishedMar 29

Latest updateDec 9

Description

A vulnerability classified as critical was found in SourceCodester One Church Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /one_church/userregister.php. The manipulation leads to authentication bypass. The attack can be launched remotely.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 3.9 | Impact: 3.4

Affected Packages2 packages

▶CVEListV5sourcecodester/one_church_management_system1.0

▶NVDone_church_management_system_project/one_church_management_system1.0

🔴Vulnerability Details

OSV

ftrace: Fix recursive locking direct_mutex in ftrace_modify_direct_caller↗2025-12-09

▶

GHSA

GHSA-jq3j-8jmp-v6jp: A vulnerability classified as critical was found in SourceCodester One Church Management System 1↗2022-03-30

▶

CVEList

SourceCodester One Church Management System Session userregister.php improper authentication↗2022-03-29

▶