关键信息 CVE ID: CVE-2022-3012 Vulnerability: SQL Injection Affected System: oretynom23 Fast Food Ordering System (unknown version) Affected File: ffos/admin/reports/index.php Affected Element: Unknown function of the file, possibly related to the argument Severity: Critical Category: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Impact: Confidentiality, Integrity, and Availability Disclosure Date: 08/27/2022 Exploit Availability: Yes, proof-of-concept available on GitHub Search Query for Vulnerable Targets: inurl:ffos/admin/reports/index.php Mitigation: No known countermeasures; suggest replacing the affected object with an alternative product Related IDs: VDB-207422, GCVE-100-207422