2 matches found
CVE-2022-32399
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/crimes/viewcrime.php:4...
CVE-2022-32399
CVE-2022-32399 : The Prison Management System v1.0 is affected by a SQL injection in the /pms/admin/crimes/view_crime.php:4 endpoint, via the vulnerable id parameter. The root cause is unsanitized input in the id field, allowing an attacker to craft SQL payloads. The CVSS information shows a high...