CVE-2022-29009

CRITICAL NUCLEI

Cyber Cafe Management System Project v1.0 - SQL Injection

Title source: llm

Description

Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication.

Exploits (2)

exploitdb WORKING POC
by Sanjay Singh · textwebappsphp
https://www.exploit-db.com/exploits/50355
nomisec STUB
by sudoninja-noob · poc
https://github.com/sudoninja-noob/CVE-2022-29009

Nuclei Templates (1)

Cyber Cafe Management System 1.0 - SQL Injection
CRITICALVERIFIEDby TenBird

References (2)

Scores

CVSS v3 9.8
EPSS 0.7460
EPSS Percentile 98.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
phpgurukul/cyber_cafe_management_system 1.0
Published May 11, 2022
Tracked Since Feb 18, 2026