CVE-2022-2577: SQL Injection
First published: Fri Jul 29 2022(Updated: )
A vulnerability classified as critical was found in SourceCodester Garage Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument id with the input -2'%20UNION%20select%2011,user(),333,444--+ leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Garage Management System Project Garage Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-2577?
CVE-2022-2577 is a critical SQL injection vulnerability found in SourceCodester Garage Management System 1.0.
How does CVE-2022-2577 affect the SourceCodester Garage Management System?
CVE-2022-2577 allows an attacker to manipulate the 'id' argument in the '/edituser.php' file, leading to SQL injection.
What is the severity of CVE-2022-2577?
CVE-2022-2577 has a severity rating of 8.8 (high).
How can I fix CVE-2022-2577 in SourceCodester Garage Management System?
To fix CVE-2022-2577, you should apply the official patch or update provided by SourceCodester for Garage Management System 1.0.
Where can I find more information about CVE-2022-2577?
You can find more information about CVE-2022-2577 at the following references: [link1](https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Garage%20Management%20System(SQLI).md), [link2](https://vuldb.com/?id.205300)
- collector/nvd-index
- vendor/garage management system project
- canonical/garage management system project garage management system
- version/garage management system project garage management system/1.0