CVE-2022-29008

CWE-639Insecure Direct Object Reference3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.7%
top 28.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Phpgurukul BUS Pass Management System
Timeline
PublishedMay 11
Latest updateMay 12

Description

An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-q99x-8m74-3v3x: An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v12022-05-12
CVEList
CVE-2022-29008: An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v12022-05-11
CVE-2022-29008 (MEDIUM CVSS 6.5) | An insecure direct object reference | cvebase.io