First published: Fri Aug 05 2022(Updated: )
A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been classified as critical. This affects an unknown part of the file index.php. The manipulation of the argument username with the input ' AND (SELECT 4955 FROM (SELECT(SLEEP(5)))RSzF) AND 'htiy'='htiy leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205665 was assigned to this vulnerability.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apartment Visitors Management System Project Apartment Visitors Management System | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-2677 is critical with a value of 9.8.
The affected software is SourceCodester Apartment Visitor Management System 1.0.
The vulnerability affects an unknown part of the file index.php.
To fix CVE-2022-2677, it is recommended to update to a patched version of SourceCodester Apartment Visitor Management System.
You can find more information about CVE-2022-2677 at the following references: - [GitHub](https://github.com/anx0ing/CVE_demo/blob/main/2022/Apartment%20Visitor%20Management%20System-SQL%20injections.md) - [VulDB](https://vuldb.com/?id.205665)