3 matches found
CVE-2022-29738
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=transaction/send=, id...
CVE-2022-29738
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=transaction/send&id=, id...
CVE-2022-29738
CVE-2022-29738 affects Money Transfer Management System 1.0. Multiple connected sources confirm a SQL Injection vulnerability in the admin transaction endpoint: /mtms/admin/?page=transaction/send&id= (id parameter). Root cause is user-controlled input not properly sanitized, enabling arbitrary SQ...