{"vulnerability": "cve-2022-27927", "sightings": [{"uuid": "530dc511-95e2-491c-ab0c-8777de71333b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27927", "type": "seen", "source": "https://t.me/cibsecurity/41089", "content": "\u203c CVE-2022-27927 \u203c\n\nA SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable course_code and/or customer_number parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-19T16:24:00.000000Z"}, {"uuid": "90eb2f78-a157-49e6-9b62-774c54189b09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27927", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1730", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-27927 Microfinance Management System V1.0 SQL Injection Vulnerability\nURL\uff1ahttps://github.com/erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-28T06:48:33.000000Z"}]}