h4md153v63n/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated

Releases0

Stars3

CVE-2022-40347: Intern Record System - 'phone', 'email', 'deptType' and 'name' SQL Injection (Unauthenticated)

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-40347 ↗	Feb 17, 2023Friday, 17 February 2023, 13:15	9.8 CRITICAL	—
SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'phone', 'email', 'deptType' and 'name' parameters, allows attackers to execute arbitrary code and gain sensitive information.