Rukovoditel Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2022-43168 - Vulnerability Database

Rukovoditel

Rukovoditel Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2022-43168

Critical

Reference: CVE-2022-43168

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2022-43168

Title: Rukovoditel Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability

Overview:

Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the reports_id parameter.