Vulnerability Description
College Management System v1.0 - Authenticated remote code execution. An admin user (the authentication can be bypassed using SQL Injection that is mentioned in my other report) can upload a .php file that contains malicious code via the student.php file.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| College Management System Project | College Management System | 1.0 |
Related Weaknesses (CWE)
References
- https://www.gov.il/en/Departments/faq/cve_advisories
FAQ
What is CVE-2022-39179?
CVE-2022-39179 is a vulnerability with a CVSS score of 7.2 (HIGH). College Management System v1.0 - Authenticated remote code execution. An admin user (the authentication can be bypassed using SQL Injection that is mentioned in my other report) can upload a .php file tha...
How severe is CVE-2022-39179?
CVE-2022-39179 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2022-39179?
Check the references section above for vendor advisories and patch information. Affected products include College Management System by College Management System Project.