PT-2022-20140 · Unknown · Oretnom23 Automotive Shop Management System

N1_X · Published 2022-05-26 · Updated 2022-06-03 · CVE-2022-30493

CVSS v2.0

10 (Critical)

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

oretnom23 Automotive Shop Management System version 1.0

Description

The issue allows remote attackers to exploit a blind SQL injection vulnerability through the product id parameter. This vulnerability enables attackers to dump all database credentials and gain admin access, resulting in privilege escalation.

Recommendations

For oretnom23 Automotive Shop Management System version 1.0, consider restricting access to the product id parameter to minimize the risk of exploitation. As a temporary workaround, avoid using the product id parameter in sensitive operations until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
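
The following is an added example, not code from the application or from this advisory. It shows the general pattern behind a blind SQL injection in an id parameter beside a hardened lookup, plus a regression check that the response no longer depends on SQL appended to the value. Python with an in-memory SQLite database is a stand-in here; the table name, column names and function names are hypothetical.

```python
import sqlite3

def make_db():
    """Constructed sample data; table and column names are hypothetical."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE product_list (id INTEGER PRIMARY KEY, name TEXT);
        INSERT INTO product_list VALUES (1, 'Oil filter'), (2, 'Brake pad');
    """)
    return db

def lookup_vulnerable(db, product_id):
    # The request value is pasted into the SQL text, so anything that
    # follows the number is parsed and executed as SQL.
    sql = "SELECT name FROM product_list WHERE id = " + product_id
    return db.execute(sql).fetchall()

def lookup_hardened(db, product_id):
    # 1) Allow-list: a product id is a short run of ASCII digits, nothing else.
    if not (product_id.isascii() and product_id.isdigit() and len(product_id) <= 9):
        raise ValueError("invalid product id")
    # 2) Bound parameter: the value never becomes part of the SQL text.
    sql = "SELECT name FROM product_list WHERE id = ?"
    return db.execute(sql, (int(product_id),)).fetchall()

def response(lookup, db, product_id):
    """What a client can observe: found, not found, or rejected."""
    try:
        return "found" if lookup(db, product_id) else "not found"
    except ValueError:
        return "rejected"

def leaks_condition(lookup, db):
    # Regression check: if an appended always-true and always-false condition
    # produce different responses, the parameter is being interpreted as SQL.
    return response(lookup, db, "1 AND 1=1") != response(lookup, db, "1 AND 1=2")

if __name__ == "__main__":
    db = make_db()
    print("vulnerable lookup leaks:", leaks_condition(lookup_vulnerable, db))
    print("hardened lookup leaks:  ", leaks_condition(lookup_hardened, db))
```

The same two-request check can be run against a staging copy of a fixed endpoint to confirm that the id parameter is treated as data only.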

Exploit

SQL injection


Weakness Enumeration

Related Identifiers

CVE-2022-30493

Affected Products

Oretnom23 Automotive Shop Management System