First published: Thu Nov 24 2022(Updated: )
A vulnerability was found in rickxy Stock Management System and classified as critical. Affected by this issue is some unknown functionality of the file /pages/processlogin.php. The manipulation of the argument user/password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-214322 is the identifier assigned to this vulnerability.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Stock Management System Project Stock Management System |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-4088 is a critical vulnerability found in the rickxy Stock Management System, allowing remote SQL injection via the user/password argument in the /pages/processlogin.php file.
CVE-2022-4088 has a severity rating of 9.8 (critical).
The affected software is the Stock Management System Project's Stock Management System.
To fix CVE-2022-4088, it is recommended to update the rickxy Stock Management System to a version that has patched the SQL injection vulnerability.
You can find more information about CVE-2022-4088 on the GitHub issue tracker at https://github.com/rickxy/Stock-Management-System/issues/2 and on the VulDB entry at https://vuldb.com/?id.214322.