Vulnerability Details CVE-2022-2688
A vulnerability was found in SourceCodester Expense Management System. It has been rated as critical. This issue affects the function fetch_report_credit of the file report.php of the component POST Parameter Handler. The manipulation of the argument from/to leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-205811.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.8%
CVSS Severity
CVSS v3 Score 6.3
Products affected by CVE-2022-2688
-
cpe:2.3:a:expense_management_system_project:expense_management_system:-