Vulnerabilities > CVE-2022-1391 - Unspecified vulnerability in Kanev CAB Fare Calculator 1.0.3

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

kanev

critical

NVD

Published: 2022-04-25

Updated: 2024-11-21

Summary

The Cab fare calculator WordPress plugin before 1.0.4 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues.

Vulnerable Configurations

Part	Description	Count
Application	Kanev Kanev CAB Fare Calculator - Kanev CAB Fare Calculator 1.0.3	2

References

https://packetstormsecurity.com/files/166533/
https://packetstormsecurity.com/files/166533/
https://wpscan.com/vulnerability/680121fe-6668-4c1a-a30d-e70dd9be5aac
https://wpscan.com/vulnerability/680121fe-6668-4c1a-a30d-e70dd9be5aac