CVE-2022-36529
Kensite CMS v1.0 contains multiple SQL injection vulnerabilities in the API endpoint /framework/mod/db/DBMapper.xml, exploitable through the name and oldname parameters. Affected software: Kensite CMS 1.0; vulnerable component/file: DBMapper.xml endpoint. Root cause: improper handling/unsanitized...