CVE-2022-22794 in PineAppinformación

Resumen

por MITRE • 2022-02-24

Cybonet - PineApp Mail Relay Unauthenticated Sql Injection. Attacker can send a request to: /manage/emailrichment/userlist.php?CUSTOMER_ID_INNER=1 /admin/emailrichment/userlist.php?CUSTOMER_ID_INNER=1 /manage/emailrichment/usersunlist.php?CUSTOMER_ID_INNER=1 /admin/emailrichment/usersunlist.php?CUSTOMER_ID_INNER=1 and by doing that, the attacker can run Remote Code Execution in one liner.

Be aware that VulDB is the high quality source for vulnerability data.

Reservar

2022-01-07

Divulgación

2022-02-24

Moderación

aceptado

Artículo

VDB-193724

CPE

listo

EPSS

0.00995

KEV

no

Actividades

muy bajo

Fuentes

Do you need the next level of professionalism?

Upgrade your account now!