mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-08 22:35:37 +02:00
0xMarcio
937 B
937 B
CVE-2022-2086
Description
A vulnerability, which was classified as critical, has been found in SourceCodester Bank Management System 1.0. Affected by this issue is login.php. The manipulation of the argument password with the input 1'and 1=2 union select 1,sleep(10),3,4,5 --+ leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
POC
Reference
- https://github.com/joinia/webray.com.cn/blob/main/php-bank/phpbanksql.md
- https://vuldb.com/?id.202034
Github
No PoCs found on GitHub currently.