nvd-json-data-feeds/CVE-2022/CVE-2022-26xx/CVE-2022-2673.json

{
  "id": "CVE-2022-2673",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2022-08-05T12:15:08.343",
  "lastModified": "2022-08-11T19:03:52.167",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability was found in Rigatur Online Booking and Hotel Management System aff6409. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php of the component POST Request Handler. The manipulation of the argument email/pass leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205657 was assigned to this vulnerability."
    },
    {
      "lang": "es",
      "value": "Se ha encontrado una vulnerabilidad en Rigatur Online Booking and Hotel Management System versi\u00f3n aff6409. Ha sido declarada como cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo login.php del componente POST Request Handler. La manipulaci\u00f3n del argumento email/pass conlleva a una inyecci\u00f3n sql. El ataque puede ser lanzado remotamente. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede ser usada. El identificador VDB-205657 fue asignado a esta vulnerabilidad"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      },
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "LOW",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cna@vuldb.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:rigatur:online_booking_and_hotel_management_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A07BA6E-FAAD-4FC6-9515-7C0474D5B763"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://vuldb.com/?id.205657",
      "source": "cna@vuldb.com",
      "tags": [
        "Third Party Advisory"
      ]
    }
  ]
}