CVE-2022-44378

🗓️ 18 Nov 2022 18:10:15Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 42 Views🌐 WEB

Automotive Shop Management System v1.0 SQL vulnerabilit

Reporter	Title	Published	Views	Family All 4
CNVD	Automotive Shop Management System SQL Injection Vulnerability (CNVD-2022-87036)	23 Nov 202200:00	–	cnvd
Cvelist	CVE-2022-44378	18 Nov 202200:00	–	cvelist
Prion	Code injection	18 Nov 202218:15	–	prion
NVD	CVE-2022-44378	18 Nov 202218:15	–	nvd

Nvd

Node

automotive_shop_management_system_project automotive_shop_management_systemMatch1.0

Source	Link
github	www.github.com/suikirakira/bug_report/blob/main/vendors/oretnom23/automotive-shop-management-system/SQLi-1.md

Parameter	Position	Path	Description	CWE
f	query param	/asms/classes/Master.php	SQL injection vulnerability in the delete_mechanic function of the Master.php endpoint.	CWE-89

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

18 Nov 2022 18:15Current

7.1High risk

Vulners AI Score7.1

CVSS37.2

EPSS0.00114

CWE-89