First published: Fri Oct 14 2022(Updated: )
Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/classes/Master.php?f=delete_storage.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Simple Cold Storage Management System Project Simple Cold Storage Management System | =1.0 | |
Oretnom23 Simple Cold Storage Management System | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-42232 is a vulnerability found in Simple Cold Storage Management System v1.0 that allows SQL Injection attacks via the /csms/classes/Master.php?f=delete_storage endpoint.
CVE-2022-42232 has a severity rating of 7.2, which is considered high.
Simple Cold Storage Management System v1.0 is the affected software version.
The CWE of CVE-2022-42232 is CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')).
There is no specific fix mentioned, but it is recommended to update the Simple Cold Storage Management System software to the latest version to address this vulnerability.