admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-281xx/CVE-2022-28132.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

64 lines
2.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-28132",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T21:15:11.760",
"lastModified": "2024-11-21T06:56:48.713",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The T-Soft E-Commerce 4 web application is susceptible to SQL injection (SQLi) attacks when authenticated as an admin or privileged user. This vulnerability allows attackers to access and manipulate the database through crafted requests. By exploiting this flaw, attackers can bypass authentication mechanisms, view sensitive information stored in the database, and potentially exfiltrate data."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n web T-Soft E-Commerce 4 es susceptible a ataques de inyecci\u00f3n SQL (SQLi) cuando se autentica como administrador o usuario privilegiado. Esta vulnerabilidad permite a los atacantes acceder y manipular la base de datos mediante solicitudes manipuladas. Al explotar esta falla, los atacantes pueden eludir los mecanismos de autenticaci\u00f3n, ver informaci\u00f3n confidencial almacenada en la base de datos y potencialmente filtrar datos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.exploit-db.com/exploits/50939",
"source": "cve@mitre.org"
},
{
"url": "https://www.exploit-db.com/exploits/50939",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink