CVE-2022-2772: SQL Injection
First published: Thu Aug 11 2022(Updated: )
A vulnerability was found in SourceCodester Apartment Visitor Management System and classified as critical. Affected by this issue is some unknown functionality of the file action-visitor.php. The manipulation of the argument editid/remark leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-206168.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apartment Visitors Management System Project Apartment Visitors Management System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-2772?
The severity of CVE-2022-2772 is critical.
How does CVE-2022-2772 affect SourceCodester Apartment Visitor Management System?
CVE-2022-2772 affects some unknown functionality of the SourceCodester Apartment Visitor Management System.
What vulnerability does CVE-2022-2772 exploit in the Apartment Visitor Management System?
CVE-2022-2772 exploits a SQL injection vulnerability in the 'action-visitor.php' file of the Apartment Visitor Management System.
Can CVE-2022-2772 be exploited remotely?
Yes, CVE-2022-2772 can be launched remotely.
Is there a fix available for CVE-2022-2772?
It is recommended to apply any patches or updates provided by the vendor to fix CVE-2022-2772.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/author
- agent/description
- vendor/apartment visitors management system project
- canonical/apartment visitors management system project apartment visitors management system