CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-43437

The Download function’s parameter of EasyTest has insufficient validation for user input. A remote attacker authenticated as a general user can inject arbitrary SQL command to access, modify or delete database.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.9%

CVSS Severity

CVSS v3 Score 8.8

References

https://www.twcert.org.tw/tw/cp-132-6829-11133-1.html
https://www.twcert.org.tw/tw/cp-132-6829-11133-1.html

Products affected by CVE-2022-43437

Easy Test Project » Easy Test » Version: 17l18s

cpe:2.3:a:easy_test_project:easy_test:17l18s

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-43437

Products

Pricing

Contact Us