CVE-2022-47859

Description

Lead Management System v1.0 is vulnerable to SQL Injection via the user_id parameter in changePassword.php.

Related CPE's

a lead_management_system_project lead_management_system 1.0 *******

References

https://github.com/xiumulty/CVE/blob/main/Lead%20management%20system%20v1.0/sql%20in%20changePassword.php.md

ExploitThird Party Advisory

https://www.sourcecodester.com/php/15933/lead-management-system-php-open-source-free-download.html

Product

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io