2 matches found
CVE-2022-3495 SourceCodester Simple Online Public Access Catalog Admin Login sql injection
A vulnerability has been found in SourceCodester Simple Online Public Access Catalog 1.0 and classified as critical. This vulnerability affects unknown code of the file /opac/Actions.php?a=login of the component Admin Login. The manipulation of the argument username/password leads to sql injectio...
CVE-2022-3495
CVE-2022-3495 affects SourceCodester Simple Online Public Access Catalog 1.0, specifically the Admin Login endpoint /opac/Actions.php?a=login. The vulnerability is a SQL injection caused by manipulating the username/password parameters, exploitable remotely with high impact on confidentiality, in...