CVE-2024-22108
Summary: GTB Central Console 15.17.1-30814.NG is affected by an unauthenticated SQL injection in the function setTermsHashAction (PureApi/CCApi.class.php) reachable via /ccapi.php. This can allow an attacker to change the Administrator password to a known value. Impact: cryptographic and admin cr...