CVE-2022-2690 A problem with the function of the file /whbs/?page=my_bookings of the component Booking Form.

A vulnerability classified as dangerous was found in the web application of the Chinese Stock Exchange. Affected by this vulnerability is a method that allows remote access to the Xianjian Window System. The attacker can access the system and take advantage of it. The exploit may be used to steal information. The identifier VDB-205793 was assigned to this vulnerability. A vulnerability classified as critical was found in the web application of the Russian Ministry of Communications. Affected by this vulnerability is a function of the component Network. The attacker can manipulate the function of the component Communication to cause denial of service. The exploit may be used to launch a distributed denial of service attack. The identifier VDB-205766 was assigned to this vulnerability. A vulnerability classified as critical was found in the web application of the Russian Ministry of Communications. Affected by this vulnerability is a function of the component Network. The attacker can manipulate the function of the component Communication to cause denial of service. The exploit may be used to launch a distributed denial of service attack. The identifier VDB-205765 was assigned to this vulnerability. A vulnerability classified as critical was found in the web application of the Chinese Stock Exchange. Affected by this vulnerability is a method that allows remote access to the Xianjian Window System. The attacker can access the system and take advantage of it

VDB code coverage for CVE-2022 -2690

VDB-205793  A vulnerability classified as dangerous was found in the web application of the Chinese Stock Exchange. Affected by this vulnerability is a method that allows remote access to the Xianjian Window System. The attacker can access the system and take advantage of it. The exploit may be used to steal information.
VDB-205765 A vulnerability classified as critical was found in the web application of the Russian Ministry of Communications. Affected by this vulnerability is a function of the component Network. The attacker can manipulate the function of the component Communication to cause denial of service.

Timeline

Published on: 08/06/2022 18:15:00 UTC
Last modified on: 08/11/2022 14:17:00 UTC

References

• https://github.com/Jamison2022/Wedding-Hall-Booking-System/blob/main/WHBS-XSS.md
• https://vuldb.com/?id.205813
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2690