Vulnerability Description
Badminton Center Management System V1.0 is vulnerable to SQL Injection via parameter 'id' in /bcms/admin/court_rentals/update_status.php.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Badminton Center Management System Project | Badminton Center Management System | 1.0 |
Related Weaknesses (CWE)
References
- http://badminton.comProduct
- https://github.com/yasinyildiz26/Badminton-Center-Management-SystemExploitThird Party Advisory
- http://badminton.comProduct
- https://github.com/yasinyildiz26/Badminton-Center-Management-SystemExploitThird Party Advisory
FAQ
What is CVE-2022-30490?
CVE-2022-30490 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Badminton Center Management System V1.0 is vulnerable to SQL Injection via parameter 'id' in /bcms/admin/court_rentals/update_status.php.
How severe is CVE-2022-30490?
CVE-2022-30490 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-30490?
Check the references section above for vendor advisories and patch information. Affected products include: Badminton Center Management System Project Badminton Center Management System.