Unrated severityNVD Advisory· Published Nov 17, 2022· Updated Apr 28, 2025

College Management System v1.0 - Authenticated remote code execution

CVE-2022-39179

Description

College Management System v1.0 - Authenticated remote code execution. An admin user (the authentication can be bypassed using SQL Injection that mentioned in my other report) can upload .php file that contains malicious code via student.php file.

Affected products

College Management/College Management System V1.0v5
Range: All versions

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.gov.il/en/Departments/faq/cve_advisoriesmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000