CVE-2022-26285

Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the apply endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:simple_client_management_system_project:simple_client_management_system:1.0:*:*:*:*:*:*:*

Information

Published : 2022-03-21 16:15

Updated : 2022-03-29 09:32


NVD link : CVE-2022-26285

Mitre link : CVE-2022-26285


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

simple_client_management_system_project

  • simple_client_management_system