CVE-2022-22794

by Fred · 24/02/2022

Cybonet – PineApp Mail Relay Unauthenticated Sql Injection. Attacker can send a request to: /manage/emailrichment/userlist.php?CUSTOMER_ID_INNER=1 /admin/emailrichment/userlist.php?CUSTOMER_ID_INNER=1 /manage/emailrichment/usersunlist.php?CUSTOMER_ID_INNER=1 /admin/emailrichment/usersunlist.php?CUSTOMER_ID_INNER=1 and by doing that, the attacker can run Remote Code Execution in one liner.

Date published : 2022-02-24

https://www.gov.il/en/departments/faq/cve_advisories

CVE-2022-22794

Similar

Recent Posts

Categories

CVE-2022-22794

Share this:

Similar

Recent Posts

Categories

Tags