CVE-2022-2808 is a high-severity authorization bypass vulnerability in Algan Software's Prens Student Information System, published by NVD on 2022-12-02 and last modified on 2026-05-20. The flaw, classified as CWE-639 (Authorization Bypass Through User-Controlled Key), enables Object Relational Mapping (ORM) injection attacks. Affected versions span all releases prior to 2.1.11. The CVSS 3.1 score of 8.8 [truncated]
A critical SQL injection vulnerability exists in Algan Software's Prens Student Information System versions prior to 2.1.11. The vulnerability allows unauthenticated remote attackers to execute arbitrary SQL commands, potentially leading to complete database compromise, data exfiltration, or system takeover. The CVSS 3.1 score of 9.8 reflects network attackability with low complexity, no privileges requir [truncated]
