cbcvebase.
CVE-2022-40878
published 2022-09-27

CVE-2022-40878: In Exam Reviewer Management System 1.0, an authenticated attacker can upload a web-shell php file in profile page to achieve Remote Code Execution (RCE).

PriorityP266high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
23.19%
97.5th percentile
In Exam Reviewer Management System 1.0, an authenticated attacker can upload a web-shell php file in profile page to achieve Remote Code Execution (RCE).

Affected

1 ranges
VendorProductVersion rangeFixed in
exam_reviewer_management_system_projectexam_reviewer_management_system
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.