CVE-2022-24571

CRITICAL

9.8

Beschreibung

Car Driving School Management System v1.0 is affected by SQL injection in the login page. An attacker can use simple SQL login injection payload to get admin access.

CVE Details

CVSS v3.1 Bewertung9.8

SchweregradCRITICAL

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht2/28/2022

Zuletzt geandert11/21/2024

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

car_driving_school_management_system_project:car_driving_school_management_system

Schwachen (CWE)

CWE-89

Referenzen

https://github.com/nsparker1337/OpenSource/blob/main/exploit_sql(cve@mitre.org)

https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-24571(cve@mitre.org)

https://www.nu11secur1ty.com/2022/03/cve-2022-24571.html(cve@mitre.org)

https://github.com/nsparker1337/OpenSource/blob/main/exploit_sql(af854a3a-2127-422b-91ae-364da2661108)

https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-24571(af854a3a-2127-422b-91ae-364da2661108)

https://www.nu11secur1ty.com/2022/03/cve-2022-24571.html(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.