CVE-2022-2665
SourceCodester Simple E-Learning System classroom.php sql injection
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability classified as critical was found in SourceCodester Simple E-Learning System. Affected by this vulnerability is an unknown functionality of the file classroom.php. The manipulation of the argument post_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205615.
Se ha encontrado una vulnerabilidad clasificada como crítica en SourceCodester Simple E-Learning System. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo classroom.php. La manipulación del argumento post_id conlleva a una inyección sql. El ataque puede ser lanzado remotamente. La explotación ha sido divulgada al público y puede ser usada. El identificador asociado a esta vulnerabilidad es VDB-205615
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2022-08-05 CVE Reserved
- 2022-08-05 CVE Published
- 2025-03-30 EPSS Updated
- 2025-04-15 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://vuldb.com/?id.205615 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Simple E-learning System Project Search vendor "Simple E-learning System Project" | Simple E-learning System Search vendor "Simple E-learning System Project" for product "Simple E-learning System" | - | - |
Affected
| ||||||