CVE-2022-30404: SQL Injection
First published: Fri May 13 2022(Updated: )
College Management System v1.0 is vulnerable to SQL Injection via /College_Management_System/admin/display-teacher.php?teacher_id=.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| College Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-30404?
CVE-2022-30404 is a vulnerability in College Management System v1.0 that allows an attacker to perform SQL Injection via the 'teacher_id' parameter in the '/College_Management_System/admin/display-teacher.php' URL.
How severe is CVE-2022-30404?
CVE-2022-30404 has a severity rating of 7.2 (High).
How can I fix CVE-2022-30404?
To fix CVE-2022-30404, you should sanitize and validate user input before using it in SQL queries, and use prepared statements or parameterized queries to prevent SQL Injection attacks.
What is the Common Weakness Enumeration (CWE) for CVE-2022-30404?
The Common Weakness Enumeration (CWE) for CVE-2022-30404 is CWE-89 (SQL Injection).
Where can I find more information about CVE-2022-30404?
You can find more information about CVE-2022-30404 at the following reference link: [Github](https://github.com/k0xx11/bug_report/blob/main/vendors/code-projects/College-Management-System/SQLi-1.md)
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/author
- agent/last-modified-date
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- vendor/college management system project
- canonical/college management system
- version/college management system/1.0