Vulnerability Details CVE-2022-37138
Loan Management System 1.0 is vulnerable to SQL Injection at the login page, which allows unauthorized users to login as Administrator after injecting username form.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.3%
CVSS Severity
CVSS v3 Score 9.8
References
- https://github.com/saitamang/POC-DUMP/blob/main/Loan%20Management%20System/README.md
- https://www.sourcecodester.com/php/15529/loan-management-system-oop-php-mysqlijquery-free-source-code.html
- https://github.com/saitamang/POC-DUMP/blob/main/Loan%20Management%20System/README.md
- https://www.sourcecodester.com/php/15529/loan-management-system-oop-php-mysqlijquery-free-source-code.html
Products affected by CVE-2022-37138
-
cpe:2.3:a:razormist:loan_management_system:1.0