CVE-2021-22852

Summary

HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (online registration) to obtain database schema and data.

Affected Software

VendorProductVersion RangeStatus
HGigaOAKSv20 OAKlouds-mol_course_v3 2.02.0-124 <= 2.0-146affected
HGigaOAKSv30 OAKlouds-mol_course_v3 3.03.0-124 <= 3.0-146affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References