4 matches found
CVE-2022-39056
CVE-2022-39056 affects the RAVA certificate validation system from Changing Information Technology Inc. The connected sources show a SQL injection vulnerability caused by insufficient validation of user input, allowing an unauthenticated remote attacker to inject arbitrary SQL commands to access,...
CVE-2022-39058
CVE-2022-39058 concerns the RAVA certificate validation system from Changing Information Technology Inc. The issue is a path traversal vulnerability allowing an unauthenticated remote attacker to bypass authentication and access arbitrary system files. Multiple sources corroborate the vulnerabili...
CVE-2022-39057
The CVE-2022-39057 issue concerns Changing Information Technology Inc.’s RAVA certificate validation system, where insufficient filtering of a special parameter in a web page input field allows a remote attacker with administrator privileges to perform arbitrary system commands and disrupt servic...
CVE-2022-39055
CVE-2022-39055 affects the RAVA certificate validation system from Changing Information Technology Inc. The vulnerability arises from inadequate filtering of URL parameters, enabling an unauthenticated remote attacker to perform a Server-Side Request Forgery (SSRF) to map internal network topolog...