First published: Fri Jul 29 2022(Updated: )
A vulnerability classified as critical was found in SourceCodester Garage Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument id with the input -2'%20UNION%20select%2011,user(),333,444--+ leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Garage Management System Project Garage Management System | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-2577 is a critical SQL injection vulnerability found in SourceCodester Garage Management System 1.0.
CVE-2022-2577 allows an attacker to manipulate the 'id' argument in the '/edituser.php' file, leading to SQL injection.
CVE-2022-2577 has a severity rating of 8.8 (high).
To fix CVE-2022-2577, you should apply the official patch or update provided by SourceCodester for Garage Management System 1.0.
You can find more information about CVE-2022-2577 at the following references: [link1](https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Garage%20Management%20System(SQLI).md), [link2](https://vuldb.com/?id.205300)