CVE-2022-32964

Summary

OMICARD EDM’s API function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to access, modify, delete database or disrupt service.

Affected Software

VendorProductVersion RangeStatus
ITPisonOMICARD EDM5.8 <= 6.0affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References