CVE-2022-2680
Published on: Not Yet Published
Last Modified on: 08/06/2022 02:35:00 AM UTC
Certain versions of Church Management System from SourceCodester contain the following vulnerability:
A vulnerability classified as critical has been found in SourceCodester Church Management System 1.0. Affected is an unknown function of the file /login.php. The manipulation of the argument username with the input ' OR (SELECT 7064 FROM(SELECT COUNT(*),CONCAT(0x71627a7671,(SELECT (ELT(7064=7064,1))),0x716b707871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- jURL leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205668.
- CVE-2022-2680 has been assigned by
[email protected] to track the vulnerability
- Affected Vendor/Software:
SourceCodester - Church Management System version 1.0
CVE References
Description | Tags ⓘ | Link |
---|---|---|
CVE_demo/Church Management System-SQL injections.md at main · anx0ing/CVE_demo · GitHub | github.com text/html |
![]() |
CVE-2022-2680 | SourceCodester Church Management System login.php sql injection | vuldb.com text/html Inactive LinkNot Archived |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Software
Vendor | Product | Version |
---|---|---|
SourceCodester | Church_Management_System | 1.0 |
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
![]() |
Windowsに見つかった「RPC」の危ない脆弱性 パッチ未適用PCは全滅か?:「Microsoft Remote Procedure Call」に脆弱性 techtarget.itmedia.co.jp/tt/news/2205/1… CVE-2022-2680… twitter.com/i/web/status/1… | 2022-05-14 20:22:34 |
![]() |
CVE-2022-2680 : A vulnerability classified as critical has been found in SourceCodester Church Management System 1.… twitter.com/i/web/status/1… | 2022-08-05 20:29:44 |
![]() |
Php - CVE-2022-2680: vuldb.com/?id.205668 | 2022-08-05 23:01:12 |