CVE-2022-2667: SourceCodester Loan Management System delete_lplan.php sql injection
First published: Fri Aug 05 2022(Updated: )
A vulnerability was found in SourceCodester Loan Management System and classified as critical. This issue affects some unknown processing of the file delete_lplan.php. The manipulation of the argument lplan_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205619.
Credit: cna@vuldb.com cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Loan Management System | ||
| Loan Management System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-2667?
CVE-2022-2667 is classified as a critical vulnerability.
How do I fix CVE-2022-2667?
To fix CVE-2022-2667, ensure proper input validation and parameterized queries for the affected delete_lplan.php file.
What type of vulnerability is CVE-2022-2667?
CVE-2022-2667 is an SQL injection vulnerability.
Which systems are affected by CVE-2022-2667?
CVE-2022-2667 affects the Loan Management System from SourceCodester and Razormist.
Can CVE-2022-2667 be exploited remotely?
Yes, CVE-2022-2667 can be exploited remotely.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/title
- agent/first-publish-date
- agent/description
- agent/last-modified-date
- agent/author
- agent/event
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/loan management system project
- canonical/loan management system
- vendor/razormist