SQL Injection Vulnerability in Loan Management System 1.0 Allows Unauthorized Access as Administrator

SQL Injection Vulnerability in Loan Management System 1.0 Allows Unauthorized Access as Administrator

CVE-2022-37138 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Loan Management System 1.0 is vulnerable to SQL Injection at the login page, which allows unauthorized users to login as Administrator after injecting username form.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.