CVE-2022-40766 | Severity.io

Description

Modern Campus Omni CMS (formerly OU Campus) 10.2.4 allows login-page SQL injection via a '" OR 1 = 1 -- - , <?php' substring.

Related CPE's

Vulnerable

References

ExploitThird Party Advisory

ProductVendor Advisory

Weaknesses

Primary

CWE-89

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 · Critical

Information

Source identifier

Vulnerability status

Analyzed

Published

2022-09-18T05:15:08.707

2 years ago

Last modified

2022-09-21T06:23:02.427

2 years ago