2 matches found
CVE-2022-25405
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in changebox.php via the DELETESTR parameter...
CVE-2022-25405
CVE-2022-25405 : Tongda2000 v11.10 has a SQL injection in change_box.php via the DELETE_STR parameter. The root cause is the product’s failure to adequately filter special characters in DELETE_STR. The vulnerability could allow execution of malicious SQL, per CNVD/CNNVD/Red Hat notes. Exploitatio...