exploitDog

CVE-2022-22055

Опубликовано: 14 янв. 2022

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Низкий

Описание

The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator’s privilege and perform arbitrary operations on the system or disrupt service.

Ссылки

https://www.twcert.org.tw/tw/cp-132-5509-80f05-1.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-5509-80f05-1.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:le-yan_dental_management_system_project:le-yan_dental_management_system:2.8.5:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.0316

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-89

CWE-89

Связанные уязвимости

GHSA-pm6c-vm5w-mq75

github

около 4 лет назад

The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator’s privilege and perform arbitrary operations on the system or disrupt service.

EPSS

Процентиль: 87%

0.0316

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-89

CWE-89