CVE-2022-2671
SourceCodester Garage Management System removeUser.php sql injection
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability was found in SourceCodester Garage Management System and classified as critical. This issue affects some unknown processing of the file removeUser.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205655.
Se ha encontrado una vulnerabilidad en SourceCodester Garage Management System y ha sido clasificada como crítica. Este problema afecta a un procesamiento desconocido del archivo removeUser.php. La manipulación del argumento id conlleva a una inyección sql. El ataque puede ser iniciado remotamente. La explotación ha sido divulgada al público y puede ser usada. El identificador asociado a esta vulnerabilidad es VDB-205655
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-08-05 CVE Reserved
- 2022-08-05 CVE Published
- 2024-02-26 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://vuldb.com/?id.205655 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Garage Management System Project Search vendor "Garage Management System Project" | Garage Management System Search vendor "Garage Management System Project" for product "Garage Management System" | - | - |
Affected
| ||||||