CVE-2022-3579

🗓️ 18 Oct 2022 00:00:00Reported by VulDBType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 77 Views🌐 WEB

Vulnerability in SourceCodester Cashier Queuing System 1.0 allows remote SQL injection via username/password in /queuing/login.ph

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2022-3579	18 Oct 202211:15	–	attackerkb
CNNVD	Cashier Queuing System 安全漏洞	18 Oct 202200:00	–	cnnvd
Cvelist	CVE-2022-3579 SourceCodester Cashier Queuing System Login Page login.php sql injection	18 Oct 202200:00	–	cvelist
EUVD	EUVD-2022-42943	3 Oct 202520:07	–	euvd
NVD	CVE-2022-3579	18 Oct 202211:15	–	nvd
Prion	Sql injection	18 Oct 202211:15	–	prion
Positive Technologies	PT-2022-22961 · Sourcecodester · Sourcecodester Cashier Queuing System	18 Oct 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-3579	22 May 202523:02	–	redhatcve
Vulnrichment	CVE-2022-3579 SourceCodester Cashier Queuing System Login Page login.php sql injection	18 Oct 202200:00	–	vulnrichment

NVD

Vulners

Node

oretnom23 cashier_queuing_systemMatch1.0

[
  {
    "vendor": "SourceCodester",
    "product": "Cashier Queuing System",
    "versions": [
      {
        "version": "1.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/DisguisedRoot/Exploit/blob/main/SQLInj/POC
vuldb	www.vuldb.com/

Parameter	Position	Path	Description	CWE
username	request body	/queuing/login.php	SQL injection in login.php allowing remote attacker to manipulate username/password to bypass authentication	CWE-707, CWE-89
password	request body	/queuing/login.php	SQL injection in login.php allowing remote attacker to manipulate username/password to bypass authentication	CWE-707, CWE-89

21 Nov 2024 07:19Current

7.5High risk

Vulners AI Score7.5

CVSS 3.16.3 - 9.8

EPSS0.0031

SSVC