Another problem has been found in SourceCodester Simple Cold Storage Management System 1.0 and classified as critical. This problem affects an unknown functionality. The manipulation of the argument no-password may lead to remote denial of service. The attacker must be located on the same network as the target. The exploit has been disclosed to the public and may be used. The identifier VDB-211191 was assigned to this vulnerability. A vulnerability has been found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. The problem is an unknown functionality. The injection of the argument no-password may lead to remote code execution. The attacker must be located on the same network as the target. The exploit has been disclosed to the public and may be used. The identifier VDB-211190 was assigned to this vulnerability. Another problem has been found in SourceCodester Simple Cold Storage Management System 1.0 and classified as critical. This problem affects an unknown functionality. The manipulation of the argument no-password may lead to remote denial of service. The attacker must be located on the same network as the target. The exploit has been disclosed to the public and may be used. The identifier VDB-211192 was assigned to this vulnerability.
SourceCodester Simple Cold Storage Management System 2.0
SourceCodester is a cold storage management system with a RESTful interface. SourceCodester does not suffer from the attack identified in CVE-2022-3582 and classified as critical because it does not use the argument no-password. SourceCodester uses the argument no-password to specify which files are to be stored, but it is ignored by the server. The vulnerability has been found and classified as problematic. The vulnerability is an unknown functionality. The injection of the argument no-password may lead to remote code execution. The attacker must be located on the same network as the target. This exploit has been disclosed to the public and may be used. The identifier VDB-211191 was assigned to this vulnerability. SourceCodester Simple Cold Storage Management System 2.0 seems to be unaffected by this vulnerability that affects SourceCodester 1.x systems so it can be safely used without implementing any changes in regards to this issue.
Source code information
The vulnerable software is SourceCodester Simple Cold Storage Management System 1.0. The vendor is Sourcecodesters, Inc. and the product version is 1.0. The identifier for this vulnerability is VDB-211191.
This vulnerability was disclosed to the public on April 30, 2019 and may be used for any purpose without permission from the vendor or researcher.
Screenshots From SourceCodester Simple Cold Storage Management System 1.0
**Enterprise Source Code Management Solution **
- Manage source code and build releases in real time
- Automate continuous integration, continuous deployment and environment provisioning
- Reduce team effort with scalable, extensible architecture
- New and improved features to reduce the risk of errors and promote better quality assurance
Timeline
Published on: 10/18/2022 11:15:00 UTC
Last modified on: 10/19/2022 03:26:00 UTC