Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-66687
HistoryMay 24, 2022 - 12:00 a.m.

School Dormitory Management System SQL Injection Vulnerability (CNVD-2022-66687)

2022-05-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
sql injection
school dormitory management system
vulnerability
daily collection
illegal sql commands
sensitive database data

EPSS

0.002

Percentile

56.5%

School Dormitory Management System is a school dormitory management system. SQL injection vulnerability exists in School Dormitory Management System v1.0, which originates from /dms/admin/reports/daily_collection The _report.php parameter lacks validation for external input SQL statements. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.

EPSS

0.002

Percentile

56.5%

Related for CNVD-2022-66687