cbcvebase.
CVE-2022-32028
published 2022-06-02

CVE-2022-32028: Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_user.php?id=.

PriorityP346high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
EXPLOIT
EPSS
4.92%
91.0th percentile
Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_user.php?id=.

Affected

8 ranges
VendorProductVersion rangeFixed in
car_rental_management_system_projectcar_rental_management_system
msrcmicrosoft_ole_db_driver_18_for_sql_server
msrcmicrosoft_ole_db_driver_19_for_sql_server
msrcmicrosoft_visual_studio_2019_version_16.11
msrcmicrosoft_visual_studio_2022_version_17.2
msrcmicrosoft_visual_studio_2022_version_17.4
msrcmicrosoft_visual_studio_2022_version_17.6
msrcmicrosoft_visual_studio_2022_version_17.8

CVSS provenance

nvdv3.17.2HIGHCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
vendor_msrc7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.