CVE-2022-2812

CWE-89SQL InjectionCWE-200Information ExposureCWE-2124 documents4 sources
Severity
9.8CRITICAL
EPSS
0.2%
top 55.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Sourcecodester Guest Management System
Timeline
PublishedAug 15
Latest updateAug 16

Description

A vulnerability classified as critical was found in SourceCodester Guest Management System. This vulnerability affects unknown code of the file index.php. The manipulation of the argument username/pass leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-206398 is the identifier assigned to this vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 3.9 | Impact: 3.4

Affected Packages1 packages

🔴Vulnerability Details

3
GHSA
GHSA-ch23-p68w-8rq5: A vulnerability classified as critical was found in SourceCodester Guest Management System2022-08-16
CVEList
SourceCodester Guest Management System index.php sql injection2022-08-14
GHSA
Exposure of information in Action Pack2022-02-11
CVE-2022-2812 (CRITICAL CVSS 9.8) | A vulnerability classified as criti | cvebase.io