3 matches found
CVE-2022-1248
A vulnerability was found in SAP Information System 1.0 which has been rated as critical. Affected by this issue is the file /SAPInformationSystem/controllers/addadmin.php. An unauthenticated attacker is able to create a new admin account for the web application with a simple POST request. Exploi...
CVE-2022-1248 SAP Information System POST Request add_admin.php improper authentication
A vulnerability was found in SAP Information System 1.0 which has been rated as critical. Affected by this issue is the file /SAPInformationSystem/controllers/addadmin.php. An unauthenticated attacker is able to create a new admin account for the web application with a simple POST request. Exploi...
CVE-2022-1248
CVE-2022-1248 impacts SAP Information System 1.0. The flaw is in the file /SAP_Information_System/controllers/add_admin.php , where an unauthenticated attacker can create a new admin account via a simple POST request due to missing authorization/session verification. CVSS v3.1 base score 7.3 (Hig...