Lucene search

VulDBCVELIST:CVE-2022-3868

HistoryNov 05, 2022 - 12:00 a.m.

CVE-2022-3868 SourceCodester Sanitization Management System sql injection

2022-11-0500:00:00

CWE-707

VulDB

www.cve.org

cve-2022-3868

sourcecodester sanitization management system

sql injection

remote attack

vdb-213012

4.7 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

10 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.3%

JSON

A vulnerability classified as critical has been found in SourceCodester Sanitization Management System. Affected is an unknown function of the file /php-sms/classes/Master.php?f=save_quote. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-213012.

CNA Affected

[
  {
    "vendor": "SourceCodester",
    "product": "Sanitization Management System",
    "versions": [
      {
        "version": "n/a",
        "status": "affected"
      }
    ]
  }
]

References

github.com/x9AD8/Sanitization-Management-System/blob/main/README.md

vuldb.com/?id.213012