CVE-2022-2704
SourceCodester Simple E-Learning System downloadFiles.php information disclosure
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as problematic. This vulnerability affects unknown code of the file downloadFiles.php. The manipulation of the argument download leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205828.
Se ha encontrado una vulnerabilidad en SourceCodester Simple E-Learning System. Ha sido declarada como problemática. Esta vulnerabilidad afecta a código desconocido del archivo downloadFiles.php. La manipulación del argumento download conlleva la divulgación de información. El ataque puede ser iniciado remotamente. La explotación ha sido divulgada al público y puede ser usada. El identificador de esta vulnerabilidad es VDB-205828
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2022-08-07 CVE Reserved
- 2022-08-08 CVE Published
- 2025-03-30 EPSS Updated
- 2025-04-15 CVE Updated
- 2025-04-15 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://vuldb.com/?id.205828 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Simple E-learning System Project Search vendor "Simple E-learning System Project" | Simple E-learning System Search vendor "Simple E-learning System Project" for product "Simple E-learning System" | - | - |
Affected
| ||||||