Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name CVE-2022-38118 First vendor Publication 2022-08-30
Vendor Cve Last vendor Modification 2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

OAKlouds Portal website’s Meeting Room has insufficient validation for user input. A remote attacker with general user privilege can perform SQL-injection to access, modify, delete database, perform system operations and disrupt service.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38118

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2

Sources (Detail)

https://www.chtsecurity.com/news/0a893178-5c64-4f1c-87f1-95cbf1e17c87
https://www.twcert.org.tw/tw/cp-132-6461-25c4b-1.html
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
Date Informations
2024-11-28 14:14:37
  • Multiple Updates
2023-04-01 02:14:56
  • Multiple Updates
2022-10-01 09:27:32
  • Multiple Updates
2022-09-16 21:27:29
  • Multiple Updates
2022-09-06 17:27:12
  • Multiple Updates
2022-08-31 02:10:08
  • Multiple Updates
2022-08-31 02:10:07
  • Multiple Updates
2022-08-30 17:27:11
  • Multiple Updates
2022-08-30 13:27:15
  • First insertion