cve/CVE-2022-40347.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 10:17:57 +00:00

0xMarcio 6100550298 Update CVE sources 2024-06-22 09:37

2024-06-22 09:37:59 +00:00

1.0 KiB

Raw Permalink Blame History

CVE-2022-40347

Description

SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'phone', 'email', 'deptType' and 'name' parameters, allows attackers to execute arbitrary code and gain sensitive information.

POC

Reference

http://packetstormsecurity.com/files/171740/Intern-Record-System-1.0-SQL-Injection.html
https://github.com/h4md153v63n/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated

Github

https://github.com/h4md153v63n/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated
https://github.com/h4md153v63n/CVEs
https://github.com/h4md153v63n/h4md153v63n
https://github.com/nomi-sec/PoC-in-GitHub

1.0 KiB Raw Permalink Blame History

CVE-2022-40347

Description

POC

Reference

Github

1.0 KiB

Raw Permalink Blame History