Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistFluid AttacksCVELIST:CVE-2022-42744
HistoryNov 03, 2022 - 12:00 a.m.

CVE-2022-42744

2022-11-0300:00:00
Fluid Attacks
www.cve.org
2
candidats
sqli
crud operations
cve-2022-42744

AI Score

9.6

Confidence

High

EPSS

0.003

Percentile

65.8%

JSON

CandidATS version 3.0.0 allows an external attacker to perform CRUD operations on the application databases. This is possible because the application does not correctly validate the entriesPerPage parameter against SQLi attacks.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "CandidATS",
    "versions": [
      {
        "version": "3.0.0",
        "status": "affected"
      }
    ]
  }
]

Related

prion 1
cve 1
nvd 1
prion
prion
Design/Logic Flaw
2022-11-03 20:15:00
cve
cve
CVE-2022-42744
2022-11-03 20:15:32
nvd
nvd
CVE-2022-42744
2022-11-03 20:15:32

AI Score

9.6

Confidence

High

EPSS

0.003

Percentile

65.8%

JSON
Related for CVELIST:CVE-2022-42744
prion1cve1nvd1