2 matches found
CVE-2022-28930
ERP-Pro v3.7.5 was discovered to contain a SQL injection vulnerability via the component /base/SysEveMenuAuthPointMapper.xml...
CVE-2022-28930
ERP-Pro v3.7.5 contains a SQL injection vulnerability exploitable via the component /base/SysEveMenuAuthPointMapper.xml. CVSS 3.1 base score 9.8 (CRITICAL) with network attack vector and no privileges required; confidentiality, integrity, and availability impacts are HIGH. The documents do not pr...