Lucene search
HistoryDec 19, 2022 - 2:15 p.m.
CVE-2022-4050
cve-2022-4050
joomsport
wordpress
plugin
sql injection
nvd
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.071 Low
EPSS
Percentile
94.0%
The JoomSport WordPress plugin before 5.2.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users
Affected configurations
Node
beardevjoomsportRange<5.2.8
CNA Affected
[
{
"vendor": "Unknown",
"product": "JoomSport",
"collectionURL": "https://wordpress.org/plugins",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "5.2.8"
}
],
"defaultStatus": "unaffected"
}
]Related
nvd
nvd
CVE-2022-4050
2022-12-19 14:15:11
prion
prion
Sql injection
2022-12-19 14:15:00
cvelist
cvelist
CVE-2022-4050 JoomSport < 5.2.8 - Unauthenticated SQLi
2022-12-19 13:41:51
wpvulndb
wpvulndb
JoomSport < 5.2.8 - Unauthenticated SQLi
2022-11-28 00:00:00
nuclei
nuclei
WordPress JoomSport <5.2.8 - SQL Injection
2022-12-13 14:22:56
wpexploit
wpexploit
JoomSport < 5.2.8 - Unauthenticated SQLi
2022-11-28 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.071 Low
EPSS
Percentile
94.0%
Related for CVE-2022-4050