Vulnerabilities

CVE-2021-22856

February 18, 2021

The CGE property management system contains SQL Injection vulnerabilities. Remote attackers can inject SQL commands into the parameters in Cookie and obtain data in the database without privilege.

Summary:

The CGE property management system contains SQL Injection vulnerabilities. Remote attackers can inject SQL commands into the parameters in Cookie and obtain data in the database without privilege.

Reference Links(if available):

https://www.twcert.org.tw/tw/cp-132-4394-76d41-1.html

CVSS Score (if available)

v2: / MEDIUM

v3: /

Links to Exploits(if available)

Microsoft Addresses Four Critical Zero-Days in November Patch Tuesday Updates

November 14, 2024

AI Threat Worsening in 2025: Insights from Google Cloud

November 14, 2024

Lazarus Group’s Code Smuggling Technique Exploits Extended Attributes in macOS

November 14, 2024

Ethical Hacker or Not? Amazon MOVEit Leaker’s Controversial Claims

November 14, 2024

Hive0145 Targets Europe with Sophisticated Strela Stealer Campaigns

November 14, 2024

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

You may have missed

Microsoft Addresses Four Critical Zero-Days in November Patch Tuesday Updates

AI Threat Worsening in 2025: Insights from Google Cloud

Lazarus Group’s Code Smuggling Technique Exploits Extended Attributes in macOS

Ethical Hacker or Not? Amazon MOVEit Leaker’s Controversial Claims

Hive0145 Targets Europe with Sophisticated Strela Stealer Campaigns