4 matches found
CVE-2022-31384
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php...
Directory Management System SQL Injection Vulnerability
Directory Management System is a directory management system. A SQL injection vulnerability exists in Directory Management System v1.0, which stems from a lack of validation of the fullname parameter in add-directory.php against an externally-entered SQL statement. An attacker can exploit this...
CVE-2022-31384
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php...
CVE-2022-31384
CVE-2022-31384 affects Directory Management System v1.0, with a SQL injection vulnerability in add-directory.php exploitable via the fullname parameter due to insufficient input validation. Affected component is the add-directory.php endpoint; the issue enables arbitrary SQL execution and potenti...