CVE-2022-29006: SQL Injection
First published: Wed May 11 2022(Updated: )
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allows attackers to bypass authentication.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Phpgurukul Directory Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-29006.
What is the severity of CVE-2022-29006?
The severity of CVE-2022-29006 is critical with a CVSS score of 9.8.
Which software is affected by CVE-2022-29006?
The Directory Management System v1.0 by Phpgurukul is affected by CVE-2022-29006.
How can attackers exploit CVE-2022-29006?
Attackers can exploit CVE-2022-29006 by exploiting SQL injection vulnerabilities that allow them to bypass authentication.
Are there any available references for CVE-2022-29006?
Yes, you can find more information about CVE-2022-29006 in the following references: [Link 1](https://github.com/sudoninja-noob/CVE-2022-29006/blob/main/CVE-2022-29006.txt), [Link 2](https://www.exploit-db.com/exploits/50370).
- collector/nvd-api
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/event
- agent/type
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/phpgurukul
- canonical/phpgurukul directory management system
- version/phpgurukul directory management system/1.0