A vulnerability classified as critical has been found in Home Clean Services Management System 1.0. This affects an unknown part of admin/login.php. The manipulation of the argument username with the input admin%'/**/AND/**/(SELECT/**/5383/**/FROM/**/(SELECT(SLEEP(5)))JPeh)/**/AND/**/'frfq%'='frfq leads to sql injection. It is possible to initiate the attack remotely but it requires authentication. Exploit details have been disclosed to the public.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2022-05-24T05:25:22
Updated: 2024-08-03T00:17:00.869Z
Reserved: 2022-05-24T00:00:00
Link: CVE-2022-1838
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-05-24T06:15:09.027
Modified: 2022-06-02T19:43:44.870
Link: CVE-2022-1838
Redhat
No data.