CVE-2022-3414
MEDIUMWeb-Based Student Clearance System - SQL Injection via Admin Login POST Parameter
Title source: llmDescription
A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been classified as critical. Affected is an unknown function of the file /Admin/login.php of the component POST Parameter Handler. The manipulation of the argument txtusername leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-210246 is the identifier assigned to this vulnerability.
References (2)
Core 2
Core References
Third Party Advisory
https://vuldb.com/?id.210246
Exploit, Third Party Advisory
https://www.jianshu.com/p/8f7b7b532c02
Scores
CVSS v3
5.0
EPSS
0.0053
EPSS Percentile
40.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-707
Status
published
Products (1)
web-based_student_clearance_system_project/web-based_student_clearance_system
Published
Oct 07, 2022
Tracked Since
Feb 18, 2026