logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2022-30335

Description

Bonanza Wealth Management System (BWM) 7.3.2 allows SQL injection via the login form. Users who supply the application with a SQL injection payload in the User Name textbox could collect all passwords in encrypted format from the Microsoft SQL Server component.


Affected Software


CPE Name Name Version
wealth:bonanza_wealth_management_system wealth bonanza wealth management system 7.3.2