CVE-2022-40032
CRITICAL NUCLEISimple Task Managing System - SQL Injection
Title source: ruleDescription
SQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username' and 'password' parameters, allows attackers to execute arbitrary code and gain sensitive information.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Hamdi Sevben · textwebappsphp
https://www.exploit-db.com/exploits/51273
nomisec
WRITEUP
5 stars
by h4md153v63n · poc
https://github.com/h4md153v63n/CVE-2022-40032_Simple-Task-Managing-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated
Nuclei Templates (1)
Simple Task Managing System v1.0 - SQL Injection
CRITICALVERIFIEDby r3Y3r53
References (4)
Scores
CVSS v3
9.8
EPSS
0.6793
EPSS Percentile
98.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-89
Status
published
Products (1)
simple_task_managing_system_project/simple_task_managing_system
1.0
Published
Feb 17, 2023
Tracked Since
Feb 18, 2026