HomePentest-Tools.com Logo

Directory Management System 1.0 - SQL Injection CVE-2022-29006

Severity
CVSSv3 Score
9.8
Vulnerability description

Directory Management System 1.0 contains multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n

Risk description

No risk description to display.

Recommendation

Apply the latest patch or update provided by the vendor to fix the SQL Injection vulnerability in the Directory Management System 1.0.

Codename
Not available
Detectable with
Network Scanner
Scan engine
Nuclei
Exploitable with Sniper
No
CVE Published
May 11, 2022
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available