2 matches found
CVE-2022-27473
The connected sources confirm CVE-2022-27473 is a SQL injection in Roothub 2.6.0’s Topics Searching feature, exploitable via the s parameter to execute arbitrary SQL remotely due to lack of input validation. Affected: Roothub 2.6.0; Root cause: unsafely assembled SQL from external input. Practica...
CVE-2022-27472
The connected documents confirm CVE-2022-27472 affects Roothub 2.6.0, specifically the Topics Counting feature. The vulnerability is a SQL injection exploitable via the s parameter, allowing remote attackers to execute arbitrary SQL commands and potentially access or modify data in the database. ...