SQL Injection Vulnerability in Simple Task Managing System v1.0 - Arbitrary Code Execution and Information Disclosure

SQL Injection Vulnerability in Simple Task Managing System v1.0 - Arbitrary Code Execution and Information Disclosure

CVE-2022-40032 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username' and 'password' parameters, allows attackers to execute arbitrary code and gain sensitive information.

Learn more about our User Device Pen Test.