Exploit of College Website v1.0 CMS - SQL injection
CVE-2022-27414 - SQL-Injection
College Website CMS v10 - CVE-2022-27414 - SQL Injection
CVE url
cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2022-27414
PoC below
Vulnerable Code
starts from line 9 in "cwms\departments\indexphp"
<?php
$departments = $conn->query("SELECT * FROM `department_list` where