Lucene search

VulDBCVE-2022-2847

HistoryAug 16, 2022 - 7:15 p.m.

CVE-2022-2847

2022-08-1619:15:09

CWE-89

VulDB

web.nvd.nist.gov

sourcecodester

guest management system

sql injection

cve-2022-2847

nvd

vdb-206489

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.006

Percentile

78.3%

JSON

A vulnerability, which was classified as critical, has been found in SourceCodester Guest Management System. This issue affects some unknown processing of the file /guestmanagement/front.php. The manipulation of the argument rid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206489 was assigned to this vulnerability.

Affected configurations

Nvd

Node

guest_management_system_projectguest_management_systemMatch-

VendorProductVersionCPE
guest_management_system_projectguest_management_system-cpe:2.3:a:guest_management_system_project:guest_management_system:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
guest_management_system_project	guest_management_system	-	cpe:2.3:a:guest_management_system_project:guest_management_system:-:::::::*

CNA Affected

[
  {
    "product": "Guest Management System",
    "vendor": "SourceCodester",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

s1.ax1x.com/2022/08/13/vtDZfe.png

vuldb.com/?id.206489

Social References

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.006

Percentile

78.3%

JSON

Related for CVE-2022-2847