3 matches found
CVE-2022-36754
Expense Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Home/debitcreditp...
CVE-2022-36754
creationtimestamp| type| source ---|---|--- 2022-09-03 02:39:33+00:00| seen| https://t.me/cibsecurity/49261...
CVE-2022-36754
Expense Management System v1.0 is vulnerable to SQL injection via the id parameter in /Home/debit_credit_p. The issue is caused by lack of input validation, allowing potentially unauthorized SQL statements. The NVD entry lists CVSS v3.1: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H with base score 7.2 ( H...