Home Clean Services Management System login.php sql injection
CVE-2022-1839

6.3MEDIUM

Key Information:

Vendor: Unspecified
Status: Home Clean Services Management System
Vendor: CVE Published:; 24 May 2022

🔔 Create Unspecified Vulnerability Alert

What is CVE-2022-1839?

A vulnerability classified as critical was found in Home Clean Services Management System 1.0. This vulnerability affects the file login.php. The manipulation of the argument email with the input admin%'//AND//(SELECT//5383//FROM//(SELECT(SLEEP(2)))JPeh)//AND/**/'frfq%'='frfq leads to sql injection. The attack can be initiated remotely but it requires authentication. Exploit details have been disclosed to the public.

Affected Version(s)

Home Clean Services Management System 1.0

References

https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/...

x_refsource_MISC

https://vuldb.com/?id.200584

x_refsource_MISC

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 24, 2022
Vulnerability Reserved
May 24, 2022

JSON