Vulnerability Details CVE-2022-38616
SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at /feegroups/tgrt_group.jsf.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.7%
CVSS Severity
CVSS v3 Score 8.8
References
- http://bpcbt.com
- http://smartvista.com
- https://tf1t.gitbook.io/mycve/smartvista/smartvista-svfe2/sql-injection-in-terminal-tariff-group-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38616
- http://bpcbt.com
- http://smartvista.com
- https://tf1t.gitbook.io/mycve/smartvista/smartvista-svfe2/sql-injection-in-terminal-tariff-group-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38616
Products affected by CVE-2022-38616
-
cpe:2.3:a:bpcbt:smartvista_front-end:-
-
cpe:2.3:a:bpcbt:smartvista_front-end:2.2.22