A vulnerability was found in Shaoxing Background Management System. It has been declared as critical. This vulnerability affects unknown code of the file /Default/Bd. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-214774 is the identifier assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/Peanut886/Vulnerability/blob/main/SQL%20injection%20exists%20in%20the%20background%20management%20system%20Default%20of%20Shaoxing%20Punctuation%20Electronic%20Technology%20Co.%2C%20LTD.md | Exploit Third Party Advisory |
https://vuldb.com/?id.214774 | Permissions Required Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Information
Published : 2022-12-03 10:15
Updated : 2022-12-05 17:06
NVD link : CVE-2022-4277
Mitre link : CVE-2022-4277
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
background_management_system_project
- background_management_system