CVE-2022-27927
N/A
N/A
Summary
A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable course_code and/or customer_number parameter.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.sourcecodester.com/php/14822/microfinance-management-system.html
- https://github.com/erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated
- http://packetstormsecurity.com/files/167017/Microfinance-Management-System-1.0-SQL-Injection.html
References
- https://www.sourcecodester.com/php/14822/microfinance-management-system.html
- https://github.com/erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated
- http://packetstormsecurity.com/files/167017/Microfinance-Management-System-1.0-SQL-Injection.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.