CVE-2022-28132

May 14, 2024, 9:15 p.m.

Tags

cve@mitre.org
2024-05-14
CVE-2022-28132

Product(s) Impacted

T-Soft E-Commerce

  • 4

Description

The T-Soft E-Commerce 4 web application is susceptible to SQL injection (SQLi) attacks when authenticated as an admin or privileged user. This vulnerability allows attackers to access and manipulate the database through crafted requests. By exploiting this flaw, attackers can bypass authentication mechanisms, view sensitive information stored in the database, and potentially exfiltrate data.

Weaknesses

Date

Published: May 14, 2024, 9:15 p.m.

Last Modified: May 14, 2024, 9:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://www.exploit-db.com/exploits/50939
cve@mitre.org