.. / CVE-2022-28468

Exploit for Payroll Management System v1.0 - SQL injection (CVE-2022-28468)

Description:

Payroll Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter.

Proof of Concept

PoC exploit

https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Payroll-Management-System

Try the exploit in a lab environment:

Lab	Machine	Link
Hack The Box	Trick	Go to Practice

References:

https://nvd.nist.gov/vuln/detail/CVE-2022-28468
https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Payroll-Management-System