Vulnerabilities > CVE-2022-2697 - Unspecified vulnerability in Simple E-Learning System Project Simple E-Learning System
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
A vulnerability was found in SourceCodester Simple E-Learning System. It has been classified as critical. Affected is an unknown function of the file comment_frame.php. The manipulation of the argument post_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-205818 is the identifier assigned to this vulnerability.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- https://github.com/E1CHO/water_cve/blob/main/E-learning%20System%20comment_frame.php%20post_id%20parameter%20SQl%20injection.pdf
- https://github.com/E1CHO/water_cve/blob/main/E-learning%20System%20comment_frame.php%20post_id%20parameter%20SQl%20injection.pdf
- https://vuldb.com/?id.205818
- https://vuldb.com/?id.205818