Lucene search
MitreCVE-2022-38878HistorySep 16, 2022 - 4:15 p.m.
CVE-2022-38878
2022-09-1616:15:10
CWE-89
mitre
web.nvd.nist.gov
27
3
cve-2022-38878
school activity updates
sms notification
sql injection
vulnerability
nvd
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
High
EPSS
0.001
Percentile
37.7%
School Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/event/index.php?view=edit&id=.
Affected configurations
Node
school_activity_updates_with_sms_notification_projectschool_activity_updates_with_sms_notificationMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| school_activity_updates_with_sms_notification_project | school_activity_updates_with_sms_notification | 1.0 | cpe:2.3:a:school_activity_updates_with_sms_notification_project:school_activity_updates_with_sms_notification:1.0:*:*:*:*:*:*:* |
Social References
More
Related
nvd
nvd
CVE-2022-38878
2022-09-16 16:15:10
prion
prion
Sql injection
2022-09-16 16:15:00
cvelist
cvelist
CVE-2022-38878
2022-09-16 15:00:45
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
High
EPSS
0.001
Percentile
37.7%
Related for CVE-2022-38878