CVE-2022-31383: SQL Injection
First published: Thu Jun 16 2022(Updated: )
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Phpgurukul Directory Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for Directory Management System v1.0?
The vulnerability ID for Directory Management System v1.0 is CVE-2022-31383.
What is the severity level of CVE-2022-31383?
The severity level of CVE-2022-31383 is critical with a score of 9.8.
How does the SQL injection vulnerability occur in Directory Management System v1.0?
The SQL injection vulnerability occurs via the editid parameter in view-directory.php in Directory Management System v1.0.
What software version is affected by CVE-2022-31383?
The affected software version is Directory Management System v1.0.
Is there a proof of concept available for CVE-2022-31383?
Yes, a proof of concept is available at the following link: https://github.com/laotun-s/POC/blob/main/CVE-2022-31383.txt.
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/phpgurukul
- canonical/phpgurukul directory management system
- version/phpgurukul directory management system/1.0