CVE-2022-40798

Published: Oct 19, 2022

Modified: May 8, 2025

PUBLISHED

Description

OcoMon 4.0RC1 is vulnerable to Incorrect Access Control. Through a request the user can obtain the real email, sending the same request with correct email its possible to account takeover.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://ocomonphp.sourceforge.io/

https://gist.github.com/ninj4c0d3r/89bdd6702bf00d768302f5e0e5bb8adc

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-40798

Description

Affected Products

References