Lucene search
China National Vulnerability DatabaseCNVD-2022-68948HistoryMay 26, 2022 - 12:00 a.m.
Covid-19 Travel Pass Management System SQL Injection Vulnerability (CNVD-2022-68948)
2022-05-2600:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
0.002 Low
EPSS
Percentile
54.6%
Covid-19 Travel Pass Management System is a Covid-19 travel pass management system. It provides an online platform for submitting travel passes within the Covid-19 restrictions. SQL injection vulnerability exists in the Covid-19 Travel Pass Management System v1.0 version, which originates from /ctpms/classes/Master.php?f=update_ application_status lacks validation for external input SQL statements. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| Carlo Montero Covid-19 Travel Pass Management System v | eq | 1.0 |
Related
nvd
nvd
CVE-2022-30838
2022-05-24 15:15:08
cve
cve
CVE-2022-30838
2022-05-24 15:15:08
prion
prion
Sql injection
2022-05-24 15:15:00
cvelist
cvelist
CVE-2022-30838
2022-05-24 14:06:59