Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 11:43 p.m.23 views

CVE-2022-41671

A CWE-89: Improper Neutralization of Special Elements used in SQL Command ‘SQL Injection’ vulnerability exists that allows adversaries with local user privileges to craft a malicious SQL query and execute as part of project migration which could result in execution of malicious code. Affected...

7.8CVSS7.4AI score0.0025EPSS
Exploits0References1
Circl
Circl
added 2022/11/04 5:46 p.m.8 views

CVE-2022-41671

creationtimestamp| type| source ---|---|--- 2022-11-04 17:46:05+00:00| seen| https://t.me/cibsecurity/52565 2025-05-01 19:14:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14372...

7.8CVSS7.5AI score0.0025EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/11/04 12:0 a.m.8 views

CVE-2022-41671

A CWE-89: Improper Neutralization of Special Elements used in SQL Command ‘SQL Injection’ vulnerability exists that allows adversaries with local user privileges to craft a malicious SQL query and execute as part of project migration which could result in execution of malicious code. Affected...

7CVSS7.4AI score0.0025EPSS
Exploits0References1
CVE
CVE
added 2022/11/04 12:0 a.m.72 views

CVE-2022-41671

CVE-2022-41671 corresponds to an SQL Injection (CWE-89) in Schneider Electric EcoStruxure Operator Terminal Expert (V3.3 Hotfix 1 or prior) and Pro-face BLUE (V3.3 Hotfix 1 or prior). The vulnerability arises from improper neutralization of SQL commands, enabling local-privilege adversaries to cr...

7.8CVSS7.8AI score0.0025EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder