What is CVE-2022-27927?

CVE-2022-27927 is a vulnerability in N/a. Published 2022-04-19.

Is CVE-2022-27927 known to be exploited?

15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-27927

A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable course_code and/or customer_nu…

EPSS: 0.816 (99.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated
20142995/nuclei-templates
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates
NaInSec/CVE-PoC-in-GitHub
SYRTI/POC_
WhooAmii/POC_
k0mi-tg/CVE-POC
manas3c/CVE-POC
nomi-sec/PoC-in-GitHub

References

www.sourcecodester.com/php/14822/microfinance-management-system.html (x_refsource_MISC)
github.com/erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulne… (x_refsource_MISC)
packetstormsecurity.com/files/167017/Microfinance-Management-System-1.0-SQL-Inj… (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-27927?: CVE-2022-27927 is a vulnerability in N/a. Published 2022-04-19.
Is CVE-2022-27927 known to be exploited?: 15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.