Lucene search
K

5 matches found

NVD
NVD
added 2026/01/22 10:16 a.m.5 views

CVE-2025-4764

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot allows SQL Injection. This issue affects Hotel Guest Hotspot: through 22012026. NOTE: The vendor was contacted early about this...

8.8CVSS0.00443EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/10/18 5:40 a.m.22 views

CVE-2022-39057 Changing Information Technology Inc. RAVA certificate validation system - Command Injection

RAVA certificate validation system has insufficient filtering for special parameter of the web page input field. A remote attacker with administrator privilege can exploit this vulnerability to perform arbitrary system command and disrupt service...

7.2CVSS7.4AI score0.00686EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/18 5:40 a.m.25 views

CVE-2022-39056 Changing Information Technology Inc. RAVA certificate validation system - SQL Injection

RAVA certificate validation system has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL command to access, modify and delete database...

9.8CVSS10AI score0.0076EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/18 5:40 a.m.22 views

CVE-2022-39055 Changing Information Technology Inc. RAVA certificate validation system - Server-Side Request Forgery (SSRF)

RAVA certificate validation system has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform SSRF attack to discover internal network topology base on query response...

5.3CVSS5.7AI score0.0041EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/12/29 7:15 a.m.17 views

CVE-2021-44161 Changing Information Technology Inc. MOTP(Mobile One Time Password) - SQL Injection

Changing MOTP Mobile One Time Password system’s specific function parameter has insufficient validation for user input. A attacker in local area network can perform SQL injection attack to read, modify or delete backend database without authentication...

8.8CVSS9.1AI score0.00495EPSS
Exploits0References1
Rows per page
Query Builder