CVE-2022-3973 A critical vulnerability has been found in Pingkon HMS-PHP Data Pump Metadata. The manipulation of the argument uname/pass leads to sql injection.
The researcher of the problem discovered by the RedTeam Pentesting security group states that the injectable sql code is as follows: Injectable sql code: [Select]
CVE-2022-43672 In PAM360, Password Manager Pro, and Access Manager Plus, SQL Injection (CVE-2022-43671) was found in a different software component.
The affected components are Zoho ManageEngine Password Manager Pro, PAM360, and Access Manager Plus. If a user has these software installed on their system, an
CVE-2022-3956 - Critical SQL Injection in tsruban HHIMS 2.1 Patient Portrait Handler (VDB-213462) – What You Need to Know
---
Introduction
A dangerous flaw, tracked as CVE-2022-3956, was discovered in tsruban HHIMS 2.1, a healthcare management system. This vulnerability, marked as critical, centers
CVE-2022-3955 - Critical SQL Injection in tholum crm42's Login – How It Works and How Attackers Exploit It
In late 2022, a critical security flaw was found in tholum crm42, a little-known customer relationship management (CRM) system. The flaw was officially cataloged as
CVE-2022-3948 - Critical SQL Injection Vulnerability in eolinker goku_lite (VDB-213454) Explained
eolinker goku_lite, an API management platform, was found to contain a critical security hole that could allow attackers to compromise your data remotely. This
Episode
00:00:00
00:00:00