College Management System
CVE-2022-28079
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter.
AnalysisAI
College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as SQL Injection (CWE-89), which allows attackers to execute arbitrary SQL commands against the database. College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter. Affected products include: College Management System Project College Management System.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use parameterized queries/prepared statements. Never concatenate user input into SQL. Apply least-privilege database permissions.
More in College Management System
View allCollege Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /College/admin/
A vulnerability, which was classified as critical, has been found in Codezips College Management System 1.0. Rated mediu
A vulnerability was found in code-projects College Management System 1.0. Rated medium severity (CVSS 6.9), this vulnera
College Management System v1.0 - SQL Injection (SQLi). Rated critical severity (CVSS 9.8), this vulnerability is remotel
A vulnerability was found in Codezips College Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerabilit
A vulnerability was found in Kashipara College Management System 1.0 and classified as problematic. Rated medium severit
A vulnerability has been found in Kashipara College Management System 1.0 and classified as problematic. Rated medium se
A vulnerability, which was classified as problematic, was found in Kashipara College Management System 1.0. Rated medium
A vulnerability, which was classified as problematic, has been found in Kashipara College Management System 1.0.php. Rat
A vulnerability classified as problematic was found in Kashipara College Management System 1.0. Rated medium severity (C
A vulnerability classified as problematic has been found in Kashipara College Management System 1.0. Rated medium severi
A vulnerability was found in Kashipara College Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerabili
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today