CVE-2022-29666: SQL Injection
First published: Thu May 26 2022(Updated: )
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Chshcms Cscms Music Portal System | =4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-29666?
CVE-2022-29666 is a SQL injection vulnerability found in CSCMS Music Portal System v4.2.
How does the SQL injection vulnerability in CSCMS Music Portal System v4.2 work?
The SQL injection vulnerability in CSCMS Music Portal System v4.2 is triggered by the id parameter at /admin.php/pic/admin/lists/zhuan.
What is the severity of CVE-2022-29666?
CVE-2022-29666 has a severity rating of 7.2 (high).
What software is affected by CVE-2022-29666?
CSCMS Music Portal System v4.2 is affected by CVE-2022-29666.
How can I fix the SQL injection vulnerability in CSCMS Music Portal System v4.2?
To fix the SQL injection vulnerability in CSCMS Music Portal System v4.2, apply the latest patch or update provided by the vendor.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/chshcms
- canonical/chshcms cscms music portal system
- version/chshcms cscms music portal system/4.2