Critical Unrestricted Upload Vulnerability in jerryhanjj ERP

Critical Unrestricted Upload Vulnerability in jerryhanjj ERP

CVE-2022-3944 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A vulnerability was found in jerryhanjj ERP. It has been declared as critical. Affected by this vulnerability is the function uploadImages of the file application/controllers/basedata/inventory.php of the component Commodity Management. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-213451.

Learn more about our Web Application Penetration Testing UK.