Today > | 5 Medium | 2 Low vulnerabilities   -   You can now download lists of IOCs here!

CVE-2022-28132

May 14, 2024, 9:15 p.m.

Product(s) Impacted

T-Soft E-Commerce

  • 4

Description

The T-Soft E-Commerce 4 web application is susceptible to SQL injection (SQLi) attacks when authenticated as an admin or privileged user. This vulnerability allows attackers to access and manipulate the database through crafted requests. By exploiting this flaw, attackers can bypass authentication mechanisms, view sensitive information stored in the database, and potentially exfiltrate data.

Weaknesses

Date

Published: May 14, 2024, 9:15 p.m.

Last Modified: May 14, 2024, 9:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References