CVE-2022-3130

HIGH

Online Driving School Project - SQL Injection via Login Username Parameter

Title source: llm
STIX 2.1

Description

A vulnerability classified as critical has been found in codeprojects Online Driving School. This affects an unknown part of the file /login.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-207873 was assigned to this vulnerability.

References (2)

Core 2

Scores

CVSS v3 7.3
EPSS 0.0079
EPSS Percentile 51.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (1)
online_driving_school_project_project/online_driving_school_project
Published Sep 07, 2022
Tracked Since Feb 18, 2026