CVE-2022-4737: SourceCodester Blood Bank Management System login.php sql injection
First published: Sun Dec 25 2022(Updated: )
A vulnerability was found in SourceCodester Blood Bank Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The identifier VDB-216773 was assigned to this vulnerability.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Blood Bank Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-4737?
CVE-2022-4737 is rated as critical due to its potential for remote SQL injection.
What is the impact of CVE-2022-4737?
CVE-2022-4737 allows attackers to manipulate the login.php file to perform SQL injection attacks.
How do I fix CVE-2022-4737?
To fix CVE-2022-4737, sanitize and validate input for username and password fields to prevent SQL injection.
Which software is affected by CVE-2022-4737?
CVE-2022-4737 affects the Blood Bank Management System version 1.0.
What should I do if I am vulnerable to CVE-2022-4737?
If vulnerable to CVE-2022-4737, it is recommended to update to the latest software version and apply necessary input validation measures.
- agent/references
- agent/type
- agent/author
- agent/weakness
- agent/description
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/severity
- agent/first-publish-date
- agent/last-modified-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/blood bank management system project
- canonical/blood bank management system
- version/blood bank management system/1.0