High severity7.2NVD Advisory· Published Nov 17, 2022· Updated Jun 17, 2026
CVE-2022-39179
CVE-2022-39179
Description
College Management System v1.0 - Authenticated remote code execution. An admin user (the authentication can be bypassed using SQL Injection that mentioned in my other report) can upload .php file that contains malicious code via student.php file.
Affected products
2<=1.0+ 1 more
- (no CPE)range: <=1.0
- (no CPE)range: All versions
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.