3 matches found
CVE-2022-44784
An issue was discovered in Appalti & Contratti 9.12.2. The target web applications LFS and DL229 expose a set of services provided by the Axis 1.4 instance, embedded directly into the applications, as hinted by the WEB-INF/web.xml file leaked through Local File Inclusion. Among the exposed...
CVE-2022-44784
An issue was discovered in Appalti & Contratti 9.12.2. The target web applications LFS and DL229 expose a set of services provided by the Axis 1.4 instance, embedded directly into the applications, as hinted by the WEB-INF/web.xml file leaked through Local File Inclusion. Among the exposed...
CVE-2022-44784
CVE-2022-44784 affects Maggioli Maggioli Appalti & Contratti 9.12.2, specifically the LFS and DL229 web applications that expose Axis 1.4 services embedded in the app. The Axis AdminService, intended for localhost only, can be reached remotely through the default configuration, enabling an attack...