Lucene search
K
ChangingtecRava Certificate Validation System

4 matches found

CVE
CVE
added 2022/10/18 5:40 a.m.60 views

CVE-2022-39056

CVE-2022-39056 affects the RAVA certificate validation system from Changing Information Technology Inc. The connected sources show a SQL injection vulnerability caused by insufficient validation of user input, allowing an unauthenticated remote attacker to inject arbitrary SQL commands to access,...

9.8CVSS10AI score0.0076EPSS
CVE
CVE
added 2022/10/18 5:40 a.m.53 views

CVE-2022-39058

CVE-2022-39058 concerns the RAVA certificate validation system from Changing Information Technology Inc. The issue is a path traversal vulnerability allowing an unauthenticated remote attacker to bypass authentication and access arbitrary system files. Multiple sources corroborate the vulnerabili...

7.5CVSS7.8AI score0.01684EPSS
CVE
CVE
added 2022/10/18 5:40 a.m.52 views

CVE-2022-39057

The CVE-2022-39057 issue concerns Changing Information Technology Inc.’s RAVA certificate validation system, where insufficient filtering of a special parameter in a web page input field allows a remote attacker with administrator privileges to perform arbitrary system commands and disrupt servic...

7.2CVSS7.2AI score0.00686EPSS
CVE
CVE
added 2022/10/18 5:40 a.m.42 views

CVE-2022-39055

CVE-2022-39055 affects the RAVA certificate validation system from Changing Information Technology Inc. The vulnerability arises from inadequate filtering of URL parameters, enabling an unauthenticated remote attacker to perform a Server-Side Request Forgery (SSRF) to map internal network topolog...

5.3CVSS5.4AI score0.0041EPSS