VDB-206013 · CVE-2022-2745 · GCVE-100-206013

SourceCodester Gym Management System Add New Trainer /admin/add_trainers.php trainer_name SQL ଇଞ୍ଜେକ୍ସନ

Rakkoon nageenyaa kan ଜଟିଳ jedhamuun beekamu SourceCodester Gym Management System keessatti argameera. Kan miidhamte is hojii hin beekamne faayilii /admin/add_trainers.php keessa kutaa Add New Trainer keessa. Hojii jijjiirraa irratti gaggeeffame trainer_name gara SQL ଇଞ୍ଜେକ୍ସନ geessa. CWE fayyadamuun rakkoo ibsuun gara CWE-89 geessa. Dadhabbii kana yeroo 08/10/2022 maxxanfameera. Odeeffannoon kun buufachuuf vuldb.com irratti qoodameera. Dogoggorri kun akka CVE-2022-2745tti beekama. Yaaliin weeraraa fageenya irraa jalqabamuu ni danda'a. Faayidaaleen teeknikaa ni jiru. Waliigalatti, meeshaa balaa kana fayyadamuuf jiru. Amma, gatii ammee exploit might be approx. USD $0-$5k ta'uu danda'a. Akka ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee ibsameera. Akka 0-daytti, gatii daldalaa dhoksaa tilmaamame $0-$5k ta'ee ture. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

3 ଆଡାପ୍ଟେସନ୍ · 62 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 08/10/2022 07:29 AM	ଅଦ୍ୟତନ 1/2 09/04/2022 09:17 AM	ଅଦ୍ୟତନ 2/2 09/04/2022 09:18 AM
software_vendor	SourceCodester	SourceCodester	SourceCodester
software_name	Gym Management System	Gym Management System	Gym Management System
software_component	Add New Trainer	Add New Trainer	Add New Trainer
software_file	/admin/add_trainers.php	/admin/add_trainers.php	/admin/add_trainers.php
software_argument	trainer_name	trainer_name	trainer_name
vulnerability_cwe	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)
vulnerability_risk	2	2	2
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
cvss3_vuldb_e	P	P	P
cvss3_vuldb_rc	R	R	R
exploit_availability	1	1	1
source_cve	CVE-2022-2745	CVE-2022-2745	CVE-2022-2745
cna_responsible	VulDB	VulDB	VulDB
advisory_date	1660082400 (08/10/2022)	1660082400 (08/10/2022)	1660082400 (08/10/2022)
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_e	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR
cvss2_vuldb_au	S	S	S
cvss2_vuldb_rl	ND	ND	ND
cvss3_vuldb_pr	L	L	L
cvss3_vuldb_rl	X	X	X
cvss2_vuldb_basescore	6.5	6.5	6.5
cvss2_vuldb_tempscore	5.6	5.6	5.6
cvss3_vuldb_basescore	6.3	6.3	6.3
cvss3_vuldb_tempscore	5.7	5.7	5.7
cvss3_meta_basescore	6.3	6.3	7.5
cvss3_meta_tempscore	5.7	5.7	7.3
price_0day	$0-$5k	$0-$5k	$0-$5k
advisory_url		https://vuldb.com/?id.206013	https://vuldb.com/?id.206013
cve_assigned		1660082400 (08/10/2022)	1660082400 (08/10/2022)
cve_nvd_summary		A vulnerability, which was classified as critical, was found in SourceCodester Gym Management System. This affects an unknown part of the file /admin/add_trainers.php of the component Add New Trainer. The manipulation of the argument trainer_name leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-206013 was assigned to this vulnerability.	A vulnerability, which was classified as critical, was found in SourceCodester Gym Management System. This affects an unknown part of the file /admin/add_trainers.php of the component Add New Trainer. The manipulation of the argument trainer_name leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-206013 was assigned to this vulnerability.
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			N
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			H
cvss3_nvd_i			H
cvss3_nvd_a			H
cvss3_cna_av			N
cvss3_cna_ac			L
cvss3_cna_pr			L
cvss3_cna_ui			N
cvss3_cna_s			U
cvss3_cna_c			L
cvss3_cna_i			L
cvss3_cna_a			L
cve_cna			VulDB
cvss3_nvd_basescore			9.8
cvss3_cna_basescore			6.3

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Interested in the pricing of exploits?

See the underground prices here!