2 matches found
CVE-2022-26285
Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the apply endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests...
CVE-2022-26285
CVE-2022-26285 affects Simple Subscription Website v1.0. A SQL injection flaw exists in the apply endpoint’s id parameter, allowing an attacker to dump the database via crafted HTTP requests. Connected sources (NVD/Red Hat/CNVD/CVE records) confirm the vulnerable endpoint and impact. The document...