Multiple SQL injections in Sage XRT Business Exchange 12.4.302 allow an authenticated attacker to inject malicious data in SQL queries: Add Currencies, Payment Order, and Transfer History.
References
Link | Resource |
---|---|
https://www.synacktiv.com/sites/default/files/2022-12/sage_xrt_multiple_sqli_1.pdf | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-01-01T00:00:00
Updated: 2023-01-01T00:00:00
Reserved: 2022-06-22T00:00:00
Link: CVE-2022-34324
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-01-01T08:15:10.217
Modified: 2023-01-09T15:24:44.180
Link: CVE-2022-34324
JSON object: View
Redhat Information
No data.
CWE