CVE-2022-3972 An issue was found in Pingkon HMS-PHP. It is critical and affects admin/adminlogin.php processing. The argument uname/pass can be manipulated to lead to sql injection.

CVE-2022-3972 An issue was found in Pingkon HMS-PHP. It is critical and affects admin/adminlogin.php processing. The argument uname/pass can be manipulated to lead to sql injection.

This issue was found in Pingkon PHP. It has been rated as moderate. It may be exploited by hackers to cause a denial-of-service. This vulnerability can be exploited by posting a specially crafted request to a PHP script. The request must contain specific arguments. It is possible to execute arbitrary code via it. The attack is delivered via remote. The vulnerability has been confirmed to be exploited by hackers. It may be exploited by remote attackers directly. There are probably no mitigations against this issue. This issue is confirmed to be exploited in the wild. It may lead to the execution of arbitrary code. It is highly likely that it will be exploited in the future as well.

Vulnerability Overview: CVE-2022-3972

This issue was found in PHP and it has been rated as moderate. It may be exploited by hackers to cause a denial-of-service. This vulnerability can be exploited by posting a specially crafted request to a PHP script. The request must contain specific arguments. It is possible to execute arbitrary code via it. The attack is delivered via remote. The vulnerability has been confirmed to be exploited in the wild. It may lead to the execution of arbitrary code. It is highly likely that it will be exploited in the future as well.

Vulnerability overview

A vulnerability has been found in Pingkon PHP. The vulnerability is a remote code execution flaw. It may be exploited by hackers to cause a denial-of-service. This vulnerability can be exploited by posting a specially crafted request to a PHP script that contains specific arguments. It is possible to execute arbitrary code via it. The attack is delivered via remote, and the vulnerable application has been confirmed to be exploited in the wild, so this issue will likely be exploited again in the future as well.

Vulnerability Introduction and Technical Description

Pingkon PHP was vulnerable to a denial-of-service attack. This vulnerability could be exploited by posting a specially crafted request to a PHP script. The request must contain specific arguments. It is possible to execute arbitrary code via it. The attack is delivered via remote. The vulnerability has been confirmed to be exploited in the wild. It may be exploited by remote attackers directly. There are probably no mitigations against this issue. This issue is confirmed to be exploited in the wild. It may lead to the execution of arbitrary code. It is highly likely that it will be exploited in the future as well.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe