Vulnerability Details CVE-2022-38615
SmartVista SVFE2 v2.2.22 was discovered to contain multiple SQL injection vulnerabilities via the UserForm:j_id88, UserForm:j_id90, and UserForm:j_id92 parameters at /SVFE2/pages/feegroups/service_group.jsf.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.1%
CVSS Severity
CVSS v3 Score 8.8
References
- http://bpcbt.com
- http://smartvista.com
- https://tf1t.gitbook.io/mycve/smartvista/smartvista-svfe2/sql-injection-in-service-group-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38615
- http://bpcbt.com
- http://smartvista.com
- https://tf1t.gitbook.io/mycve/smartvista/smartvista-svfe2/sql-injection-in-service-group-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38615
Products affected by CVE-2022-38615
-
cpe:2.3:a:bpcbt:smartvista_front-end:-
-
cpe:2.3:a:bpcbt:smartvista_front-end:2.2.22