3 matches found
CVE-2022-32391
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/actions/viewaction.php:4...
CVE-2022-32391
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/actions/viewaction.php:4...
CVE-2022-32391
The CVE-2022-32391 entry relates to Prison Management System v1.0, which contains a SQL injection vulnerability in the id parameter of /pms/admin/actions/view_action.php (line 4). The root cause is lack of proper escaping/filtering for the id input, enabling potentially unauthorized access to dat...