2 matches found
CVE-2022-30002
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editNominee.php?nomineeid=...
CVE-2022-30002
CVE-2022-30002 affects Insurance Management System 1.0 with a SQL Injection vulnerability in the endpoint /insurance/editNominee.php?nominee_id=. Root cause is unsafe handling of the nominee_id parameter, enabling arbitrary SQL execution. CVSS metrics in the record indicate Moderate to High impac...