CVE-2022-3118 A critical vulnerability was found in Sourcecodehero ERP System Project. Manipulation of the user argument in /pages/processlogin.php could lead to sql injection.

The researcher Kuba Bartoletti from the VERT project discovered this vulnerability. The hacker who responsibly disclosed the vulnerability is Aleksandr. The disclosure date was January 16th, 2019. Contact details are available in VDB-207845.

An attacker can exploit this vulnerability to execute arbitrary code on the target system. The security risk of this vulnerability is estimated as critical.

Patch Information: VDB-207845 The vendor has released software patch to fix the vulnerability. It may be possible to protect your system against exploitation of this vulnerability by applying the patch.

CVE-2019-3887 VDB-207845 is a critical vulnerability. The priority rating of this vulnerability is Critical. The CVSS score for this vulnerability is 7.5. A detailed description of the vulnerability factors, risk, and severity rating can be found in VDB-207845.

The ERP system Sourcecodehero has an open source license. This license allows anyone to examine and modify the source code of the product. VDB-207845 is an example of a critical security vulnerability in an open source product. You can find more information about VDB-207845 in VDB-207845.

VDB-207845: Critical Sourcecodehero ERP Vulnerability

A critical security vulnerability in the open source software Sourcecodehero has been discovered by researcher Kuba Bartoletti from the VERT project. The vulnerability is CVE-2022-3118. The researcher who responsibly disclosed this vulnerability is Aleksandr. The disclosure date was January 16th, 2019. Contact information for the vendor is available in VDB-207845.

An attacker can exploit this vulnerability to execute arbitrary code on target systems. The severity of this threat is estimated as critical.

VENDOR Sourcecodehero

This vulnerability has been disclosed by Aleksandr in the VERT project. Contact details are available in VDB-207845.

Frequently Asked Questions

Summary

A critical vulnerability was discovered by the researcher Kuba Bartoletti from the VERT project. The vulnerability was responsibly disclosed by the hacker Aleksandr. VDB-207845 is the official record of this vulnerability. You can find more information about VDB-207845 in VDB-207845.

The ERP system Sourcecodehero has an open source license. This license allows anyone to examine and modify the source code of the product. VDB-207845 is an example of a critical security vulnerability in an open source product.

Timeline

Published on: 09/04/2022 09:15:00 UTC
Last modified on: 09/09/2022 12:09:00 UTC

References

• https://vuldb.com/?id.207845
• https://s2.loli.net/2022/09/02/N4FESXldmKWvQOw.png
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3118