CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-38118

OAKlouds Portal website’s Meeting Room has insufficient validation for user input. A remote attacker with general user privilege can perform SQL-injection to access, modify, delete database, perform system operations and disrupt service.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.4%

CVSS Severity

CVSS v3 Score 8.8

References

https://www.chtsecurity.com/news/0a893178-5c64-4f1c-87f1-95cbf1e17c87
https://www.twcert.org.tw/tw/cp-132-6461-25c4b-1.html
https://www.chtsecurity.com/news/0a893178-5c64-4f1c-87f1-95cbf1e17c87
https://www.twcert.org.tw/tw/cp-132-6461-25c4b-1.html

Products affected by CVE-2022-38118

Hgiga » Oaklouds Portal » Version: 2.0

cpe:2.3:a:hgiga:oaklouds_portal:2.0
Hgiga » Oaklouds Portal » Version: 2.0-10

cpe:2.3:a:hgiga:oaklouds_portal:2.0-10
Hgiga » Oaklouds Portal » Version: 3.0

cpe:2.3:a:hgiga:oaklouds_portal:3.0
Hgiga » Oaklouds Portal » Version: 3.0-10

cpe:2.3:a:hgiga:oaklouds_portal:3.0-10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-38118

Products

Pricing

Contact Us