CVE-2022-30512

CRITICAL NUCLEI

School Dormitory Management System 1.0 - SQL Injection via Payment History Page

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-30512. PoCs published by bigzooooz. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository provides a detailed writeup of CVE-2022-30512, an unauthenticated SQL injection vulnerability in School Dormitory Management System 1.0. It includes payload examples for various SQL injection techniques and instructions for exploitation using SQLMAP.

Description

School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/payment_history.php:31.

Exploits (1)

nomisec WRITEUP 1 stars
by bigzooooz · poc
https://github.com/bigzooooz/CVE-2022-30512

This repository provides a detailed writeup of CVE-2022-30512, an unauthenticated SQL injection vulnerability in School Dormitory Management System 1.0. It includes payload examples for various SQL injection techniques and instructions for exploitation using SQLMAP.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: School Dormitory Management System 1.0
No auth needed
Prerequisites: Access to the target application · SQLMAP or similar tool for automated exploitation
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

School Dormitory Management System 1.0 - SQL Injection
CRITICALVERIFIEDby tess

References (2)

Core 2

Scores

CVSS v3 9.8
EPSS 0.7179
EPSS Percentile 98.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
school_dormitory_management_system_project/school_dormitory_management_system 1.0
Published Jun 02, 2022
Tracked Since Feb 18, 2026