CVE-2022-30927

CRITICAL

Simple Task Scheduling System 1.0 - SQL Injection

Title source: llm
STIX 2.1

Description

A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable "id" parameter.

Scores

CVSS v3 9.8
EPSS 0.0138
EPSS Percentile 69.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
simple_task_scheduling_system_project/simple_task_scheduling_system 1.0
Published Jun 06, 2022
Tracked Since Feb 18, 2026