CVE-2022-30004 - OpenCVE

Sourcecodester Online Market Place Site v1.0 suffers from an unauthenticated blind SQL Injection Vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection..

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Online Market Place Site Project	Online Market Place Site

Configuration 1 [-]

cpe:2.3:a:online_market_place_site_project:online_market_place_site:1.0:*:*:*:*:*:*:*

References

Link	Resource
https://packetstormsecurity.com/files/168249/Online-Market-Place-Site-1.0-SQL-Injection.html	Exploit Third Party Advisory VDB Entry
https://www.sourcecodester.com/php/15273/online-market-place-site-phpoop-free-source-code.html	Product

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-09-26T19:16:39

Updated: 2022-09-26T19:16:39

Reserved: 2022-05-02T00:00:00

Link: CVE-2022-30004

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-09-26T20:15:09.520

Modified: 2022-09-28T17:03:19.440

Link: CVE-2022-30004

JSON object: View

Redhat Information

No data.

CWE

CWE-89

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Sourcecodester Online Market Place Site v1.0 suffers from an unauthenticated blind SQL Injection Vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection.."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-09-26T19:16:39", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.sourcecodester.com/php/15273/online-market-place-site-phpoop-free-source-code.html"}, {"tags": ["x_refsource_MISC"], "url": "https://packetstormsecurity.com/files/168249/Online-Market-Place-Site-1.0-SQL-Injection.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-30004", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Sourcecodester Online Market Place Site v1.0 suffers from an unauthenticated blind SQL Injection Vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection.."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.sourcecodester.com/php/15273/online-market-place-site-phpoop-free-source-code.html", "refsource": "MISC", "url": "https://www.sourcecodester.com/php/15273/online-market-place-site-phpoop-free-source-code.html"}, {"name": "https://packetstormsecurity.com/files/168249/Online-Market-Place-Site-1.0-SQL-Injection.html", "refsource": "MISC", "url": "https://packetstormsecurity.com/files/168249/Online-Market-Place-Site-1.0-SQL-Injection.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-30004", "datePublished": "2022-09-26T19:16:39", "dateReserved": "2022-05-02T00:00:00", "dateUpdated": "2022-09-26T19:16:39", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}