CVE-2022-22055

Summary

The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator’s privilege and perform arbitrary operations on the system or disrupt service.

Affected Software

VendorProductVersion RangeStatus
Le-yan Co., Ltd.Dental Management System2.8.5affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References