SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise's private and sensitive information.
References
Link | Resource |
---|---|
https://github.com/ifmacedo/mconnect/blob/main/IDCE-SQLi | Exploit Third Party Advisory |
https://www.linkedin.com/pulse/sql-injection-idce-mv-iran-macedo/ | Exploit Technical Description Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-05-27T18:26:19
Updated: 2022-05-27T18:26:19
Reserved: 2022-05-09T00:00:00
Link: CVE-2022-30496
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-06-02T14:15:53.327
Modified: 2022-06-10T19:37:31.217
Link: CVE-2022-30496
JSON object: View
Redhat Information
No data.
CWE