Security Advisory

CVE-2022-30335

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-05-09 18:38:11

Last updated 2024-08-03 06:48:36

Assigner mitre

State PUBLISHED

Description

Bonanza Wealth Management System (BWM) 7.3.2 allows SQL injection via the login form. Users who supply the application with a SQL injection payload in the User Name textbox could collect all passwords in encrypted format from the Microsoft SQL Server component.

← Browse all CVEs View on cve.org ↗