CVE-2022-37794
published 2022-09-12CVE-2022-37794: In Library Management System 1.0 the /card/in-card.php file id_no parameters are vulnerable to SQL injection.
PriorityP344critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.86%
53.9th percentile
In Library Management System 1.0 the /card/in-card.php file id_no parameters are vulnerable to SQL injection.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| library_management_system_project | library_management_system | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/anx0ing/CVE_demo/blob/main/2022/Library%20Management%20System%20with%20QR%20code%20Attendance%20and%20Auto%20Generate%20Library%20Card%20-%20SQL%20injections.mdhttps://github.com/anx0ing/CVE_demo/blob/main/2022/Library%20Management%20System%20with%20QR%20code%20Attendance%20and%20Auto%20Generate%20Library%20Card%20-%20SQL%20injections.md
2022-09-12
Published