CVE-2022-3471

CWE-707CWE-89SQL Injection4 documents4 sources
Severity
4.9MEDIUM
EPSS
0.2%
top 54.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Sourcecodester Human Resource Management System
Timeline
PublishedOct 13

Description

A vulnerability was found in SourceCodester Human Resource Management System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file city.php. The manipulation of the argument searccity leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-210715.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 2.8 | Impact: 3.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-9g3h-8w94-vg8v: A vulnerability was found in SourceCodester Human Resource Management System2022-10-13
CVEList
SourceCodester Human Resource Management System city.php sql injection2022-10-12

🕵️Threat Intelligence

1
Trendmicro
Microsoft Patches Zero-Day DogWalk Vulnerability
CVE-2022-3471 (MEDIUM CVSS 4.9) | A vulnerability was found in Source | cvebase.io