A vulnerability, which was classified as critical, was found in Sports Club Management System 119. This affects an unknown part of the file admin/make_payments.php. The manipulation of the argument m_id/plan leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213789 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/shreyansh225/Sports-Club-Management-System/issues/6 | Exploit Issue Tracking Third Party Advisory |
https://vuldb.com/?id.213789 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
28 Dec 2023, 19:24
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-89 |
07 Nov 2023, 03:56
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-89 |
18 Nov 2022, 21:04
Type | Values Removed | Values Added |
---|---|---|
References | (N/A) https://vuldb.com/?id.213789 - Third Party Advisory | |
References | (N/A) https://github.com/shreyansh225/Sports-Club-Management-System/issues/6 - Exploit, Issue Tracking, Third Party Advisory | |
CPE | cpe:2.3:a:sports_club_management_system_project:sports_club_management_system:119:*:*:*:*:*:*:* | |
First Time |
Sports Club Management System Project
Sports Club Management System Project sports Club Management System |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
16 Nov 2022, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-11-16 08:15
Updated : 2023-12-28 19:24
NVD link : CVE-2022-4015
Mitre link : CVE-2022-4015
CVE.ORG link : CVE-2022-4015
JSON object : View
Products Affected
sports_club_management_system_project
- sports_club_management_system