CVE-2022-38118

Summary

OAKlouds Portal website’s Meeting Room has insufficient validation for user input. A remote attacker with general user privilege can perform SQL-injection to access, modify, delete database, perform system operations and disrupt service.

Affected Software

VendorProductVersion RangeStatus
HGigaOAKloudsunspecified <= OAKlouds-mol_metting-2.0-163affected
HGigaOAKloudsunspecified <= OAKlouds-mol_metting-3.0-163affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References