3 matches found
CVE-2022-25223
Money Transfer Management System Version 1.0 allows an authenticated user to inject SQL queries in 'mtms/admin/?page=transaction/viewdetails' via the 'id' parameter...
CVE-2022-25223
Money Transfer Management System Version 1.0 allows an authenticated user to inject SQL queries in 'mtms/admin/?page=transaction/viewdetails' via the 'id' parameter...
CVE-2022-25223
CVE-2022-25223 affects Money Transfer Management System Version 1.0. An authenticated user can inject SQL via the id parameter in mtms/admin/?page=transaction/view_details, indicating a SQL injection in the transaction viewing detail path. The root cause is lack of input validation for external S...