2 matches found
CVE-2022-26348
Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has been preloaded in...
CVE-2022-26348
CVE-2022-26348 describes a SQL Injection vulnerability in Gallagher Command Centre Server, activated via Windows Registry settings for date fields. An attacker using the Visitor Management Kiosk (a public-use application) can invoke an arbitrary SQL query preloaded into the server’s registry to o...