CVE-2022-2702

HIGH

Company Website CMS - Improper Access Control in Cookie Handler

Title source: llm
STIX 2.1

Description

A vulnerability was found in SourceCodester Company Website CMS and classified as critical. Affected by this issue is some unknown functionality of the file site-settings.php of the component Cookie Handler. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-205826 is the identifier assigned to this vulnerability.

References (2)

Core 2

Scores

CVSS v3 7.3
EPSS 0.0052
EPSS Percentile 40.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-284
Status published
Products (1)
company_website\/cms_project/company_website\/cms
Published Aug 08, 2022
Tracked Since Feb 18, 2026