CVE-2022-38267 Information

Description

School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the component /modules/user/index.php?view=edit&id=.

Reference

https://github.com/moyess/bug_report/blob/main/vendors/janobe/school-activity-updates-sms-notification/SQLi-1.md