Lucene search
China National Vulnerability DatabaseCNVD-2022-83613HistoryMar 25, 2022 - 12:00 a.m.
Money Transfer Management System SQL Injection Vulnerability
2022-03-2500:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
sql injection
money transfer management system
version 1.0
missing validation
external input
admin maintenance
manage branch
manage fee
illegal sql commands
sensitive database data
vulnerability
EPSS
0.003
Percentile
71.0%
A SQL injection vulnerability exists in Money Transfer Management System version 1.0, a money transfer management system. The vulnerability stems from missing validation of external input SQL statements in the id parameter in admin/maintenance/manage_branch.php and admin/maintenance/manage_fee.php. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
Related
cvelist
cvelist
CVE-2022-25222
2022-03-23 19:46:12
cve
cve
CVE-2022-25222
2022-03-23 20:15:11
prion
prion
Sql injection
2022-03-23 20:15:00
nvd
nvd
CVE-2022-25222
2022-03-23 20:15:11