CVE-2021-44582 — HIGH (8.8)

Vulnerability Description

A Privilege Escalation vulnerability exists in Sourcecodester Money Transfer Management System 1.0, which allows a remote malicious user to gain elevated privileges to the Admin role via any URL.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Money Transfer Management System Project	Money Transfer Management System	1.0

Related Weaknesses (CWE)

CWE-425

References

https://github.com/warmachine-57/CVE-2021-44582/blob/main/Privilege%20EscalationExploitThird Party Advisory
https://www.sourcecodester.com/php/15015/money-transfer-management-system-send-mProductThird Party Advisory
https://github.com/warmachine-57/CVE-2021-44582/blob/main/Privilege%20EscalationExploitThird Party Advisory
https://www.sourcecodester.com/php/15015/money-transfer-management-system-send-mProductThird Party Advisory

FAQ

What is CVE-2021-44582?

CVE-2021-44582 is a vulnerability with a CVSS score of 8.8 (HIGH). A Privilege Escalation vulnerability exists in Sourcecodester Money Transfer Management System 1.0, which allows a remote malicious user to gain elevated privileges to the Admin role via any URL.

How severe is CVE-2021-44582?

CVE-2021-44582 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-44582?

Check the references section above for vendor advisories and patch information. Affected products include: Money Transfer Management System Project Money Transfer Management System.