Login
Start Free Trial
Research Center
CVE-2022-31992 Research Center

CVE-2022-31992

Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=court_rentals/view_court_rental&id=.

  • 7.2 high severity

  • CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

  • 02/06/2022

Products 1

Ba

Badminton Center Management System

by Badminton Center Management System Project

1 Version

3 months ago

Vulnerability Categories 1

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

xTags 6

#known_vulnerability
#admin_privileges_required_for_exploiting
#confidentiality_impact_if_exploited
#integrity_impact_if_exploited
#availability_impact_if_exploited
#new_vulnerability_published

Advisory Links 1

https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/badminton-center-management-system/SQLi-8.md
http://www.vicarius.io is owned and operated by Vicarius Ltd. (the “Company”). All information contained on the Website is purely for informational, and educational purposes and should be independently verified and confirmed. Vicarius does not accept any liability for any loss or damage whatsoever caused in reliance upon such information or services. No statements or information presented in any form by Vicarius is intended as fact, and you agree that you will not consider the statements or information presented on the Website as fact or as a guarantee of performance.

Related CVEs

Security Research Topics

By John Kilhefner
Aug 18, 2022

Blockchain Security - The New Threat. Part 2.

The conclusion to a two-part series on Blockchain technology and the threats that security practitioners should have top-of-mind. One of blockchain technology’s claims to fame is that it enables trustless interactions between parties... a claim that I'll explain is only "mostly" accurate. Let's explore the threats of blockchain.
By John Kilhefner
Aug 16, 2022

How the Common Vulnerability Scoring System Is Used (And Should You Rely on It?)

The Common Vulnerability Scoring System has been at the center of praise and controversy in the cybersecurity world. Let's separate fact from fiction and discover the merits——and pitfalls——of this system.
By Jenny R
Aug 14, 2022

Session Management Attacks - Part two

This article is the second part of the Session Management topic. The focus is on prevention practices, with one particular example of inactivity timer implementation!
By Wilson Corbett
Aug 12, 2022

Vulnerability Scanners 101: The Basics of Vulnerability Scanning

Storing data on an organization’s network is not an easy feat. Companies want their network as secure as possible, identifying loopholes and weak points to uncover and address vulnerabilities that cyber attackers can exploit. This need for protection is where Vulnerability Scanners enter the picture.
By Kent Weigle
Aug 12, 2022

CISAnalysis 12 August 2022

Zimbra Collaboration is back on CISA's shi... I mean Known Exploited Vulnerabilities Catalog. Today's theme is remote code execution without authentication.
last_chanse_02.png

Start Closing Security Gaps

  • Risk reduction from Day 1
  • Fast set-up and deployment
  • Unified platform
  • Full-featured 30-day trial
Get a Demo
Start Free Trial!