CVE-2022-4737SQL Injection in Blood Bank Management System

CWE-89SQL Injection3 documents3 sources
Severity
9.8CRITICALNVD
CNA7.3
EPSS
0.1%
top 65.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Sourcecodester Blood Bank Management SystemBlood Bank Management System Project Blood Bank Management System
Timeline
PublishedDec 25

Description

A vulnerability was found in SourceCodester Blood Bank Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The identifier VDB-216773 was assigned to this vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
SourceCodester Blood Bank Management System login.php sql injection2022-12-25
GHSA
GHSA-5c25-x6hc-jh4h: A vulnerability was found in SourceCodester Blood Bank Management System 12022-12-25
CVE-2022-4737 — SQL Injection | cvebase