CVE-2022-36193

CRITICAL

School Management System 1.0 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-36193. PoCs published by G37SYS73M.

AI-analyzed exploit summary The repository contains no exploit code or technical details, only a reference to an external link. This is characteristic of a social engineering lure designed to redirect users to another source.

Description

SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries.

Exploits (1)

nomisec SUSPICIOUS

by G37SYS73M · poc

https://github.com/G37SYS73M/CVE-2022-36193

View Code ZIP pw:eip

The repository contains no exploit code or technical details, only a reference to an external link. This is characteristic of a social engineering lure designed to redirect users to another source.

Classification

Suspicious 90%

Attack Type

Other

Complexity

Theoretical

Reliability

Theoretical

Target: unknown

No auth needed

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory

https://github.com/G37SYS73M/Advisory_G37SYS73M/blob/main/CVE-2022-36193/POC.md

View Exploit ZIP pw:eip

Product

https://github.com/lahirudanushka/School-Management-System---PHP-MySQL

Scores

CVSS v3 9.8

EPSS 0.0139

EPSS Percentile 68.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-89

Status published

Products (1)

lahirudanushka/school_management_system 1.0

Published Nov 28, 2022

Tracked Since Feb 18, 2026