3 matches found
Online Fire Reporting System v1.0 - SQL injection
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manageuser&id=. id: CVE-2022-31975 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...
CVE-2022-31975
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manageuser&id=...
CVE-2022-31975
Vulnerability : Online Fire Reporting System v1.0 is affected by a SQL Injection in the admin user management endpoint. The issue occurs via /ofrs/admin/?page=user/manage_user&id= (lack of input validation in the parameter), enabling manipulation of SQL queries. Impact : could lead to arbitrary S...