CVE-2022-41446

MEDIUM

Record Management System using CodeIgniter <1.0 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-41446. PoCs published by RashidKhanPathan.

AI-analyzed exploit summary This repository contains a writeup describing an access control vulnerability (CVE-2022-41446) in the Teachers Record Management System using CodeIgniter v1.0, allowing privilege escalation and information disclosure via URL manipulation.

Description

An access control issue in /Admin/dashboard.php of Record Management System using CodeIgniter v1.0 allows attackers to access and modify user data.

Exploits (1)

nomisec WRITEUP 2 stars
by RashidKhanPathan · poc
https://github.com/RashidKhanPathan/CVE-2022-41446

This repository contains a writeup describing an access control vulnerability (CVE-2022-41446) in the Teachers Record Management System using CodeIgniter v1.0, allowing privilege escalation and information disclosure via URL manipulation.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Teachers Record Management System using CodeIgniter v1.0
Auth required
Prerequisites: User account credentials · Access to the application URL
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 5.4
EPSS 0.0106
EPSS Percentile 60.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

Status published
Products (1)
record_management_system_project/record_management_system
Published Nov 23, 2022
Tracked Since Feb 18, 2026