CVE-2022-29662
The CVE-2022-29662 issue affects CSCMS Music Portal System v4.2, where a SQL injection vulnerability exists via the id parameter in /admin.php/news/admin/news/save. The root cause is lack of validation for external input SQL statements, enabling an attacker to potentially execute arbitrary SQL an...