2 matches found
CVE-2022-29998
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/clientStatus.php?clientid=...
CVE-2022-29998
Insurance Management System 1.0 is vulnerable to SQL Injection via the endpoint /insurance/clientStatus.php with the vulnerable parameter client_id . The root cause is improper handling of the input, allowing attacker-controlled queries to manipulate the database. The PT-2022-19957 advisory notes...