CVE-2022-3826
Huaxia ERP Retail Management list information disclosure
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A vulnerability was found in Huaxia ERP. It has been classified as problematic. This affects an unknown part of the file /depotHead/list of the component Retail Management. The manipulation of the argument search leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212793 was assigned to this vulnerability.
Se encontró una vulnerabilidad en Huaxia ERP. Ha sido clasificada como problemática. Una parte desconocida del archivo /depotHead/list del componente Retail Management afecta a una parte desconocida. La manipulación de la búsqueda de argumentos conduce a la divulgación de información. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al público y puede utilizarse. A esta vulnerabilidad se le asignó el identificador VDB-212793.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-11-02 CVE Reserved
- 2022-11-02 CVE Published
- 2024-05-25 EPSS Updated
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-266: Incorrect Privilege Assignment
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/Ha0Liu/cveAdd/blob/developer/README.EN.yuequan.md | 2024-08-03 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huaxiaerp Search vendor "Huaxiaerp" | Huaxia Erp Search vendor "Huaxiaerp" for product "Huaxia Erp" | - | - |
Affected
| ||||||