CVE-2022-32246

MEDIUM Year: 2022
CVSS v3 Score
4.6
Medium
CVSS v2 Score
4.9
Medium
Weakness Type
CWE-89
View all →

Vulnerability Description

SAP Busines Objects Business Intelligence Platform (Visual Difference Application) - versions 420, 430, allows an authenticated attacker who has access to BI admin console to send crafted queries and extract data from the SQL backend. On successful exploitation, the attacker can cause limited impact on confidentiality and integrity of the application

Related Vulnerabilities

CVE-2023-3938

MEDIUM
CVSS:4.6(Medium)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ZkTeco-based OEM devices allows an attacker to authenticate under any user from the device databas...

CWE-892023

CVE-2024-3060

MEDIUM
CVSS:4.5(Medium)

The ENL Newsletter WordPress plugin through 1.0.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing admin+ to perform SQL injection attacks

CWE-892024

CVE-2019-4147

MEDIUM
CVSS:4.7(Medium)

IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or ...

CWE-892019

CVE-2023-0531

MEDIUM
CVSS:4.7(Medium)

A vulnerability classified as critical has been found in SourceCodester Online Tours & Travels Management System 1.0. Affected is an unknown function of the file admin/booking_report.php. The manipula...

CWE-892023

CVE-2023-0532

MEDIUM
CVSS:4.7(Medium)

A vulnerability classified as critical was found in SourceCodester Online Tours & Travels Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/disapprove...

CWE-892023

CVE-2023-0533

MEDIUM
CVSS:4.7(Medium)

A vulnerability, which was classified as critical, has been found in SourceCodester Online Tours & Travels Management System 1.0. Affected by this issue is some unknown functionality of the file admin...

CWE-892023