Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-28862

EPSS 0.26% · P50
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-28862

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
In Archibus Web Central before 26.2, multiple SQL Injection vulnerabilities occur in dwr/call/plaincall/workflow.runWorkflowRule.dwr. Through the injection of arbitrary SQL statements, a potential attacker can modify query syntax and perform unauthorized (and unexpected) operations against the remote database. This is fixed in all recent versions, such as version 26.2.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
ARCHIBUS Web Central SQL注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ARCHIBUS Web Central是ARCHIBUS的一个web网络管理中心,在直观的 Web 浏览器界面中组织设施和基础设施管理任务。所有基础设施数据都存储在一个集中存储库中,以便来自世界任何地方的授权用户都可以输入、编辑和监控这些数据。 ARCHIBUS Web Central 26.2 版本之前存在安全漏洞,该漏洞源于 dwr/call/plaincall/workflow.runWorkflowRule.dwr 存在多个 SQL 注入问题。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2022-28862

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2022-28862

登录查看更多情报信息。

Same Patch Batch · n/a · 2022-05-25 · 29 CVEs total

CVE-2022-294026.8 MEDIUMTP-LINK TL-WR840N 访问控制错误漏洞
CVE-2022-16785.9 MEDIUMLinux kernel 安全漏洞
CVE-2022-29650Online Food Ordering System SQL注入漏洞
CVE-2022-31651SoX 输入验证错误漏洞
CVE-2022-31650SoX 输入验证错误漏洞
CVE-2022-31623MariaDB 安全漏洞
CVE-2022-31622MariaDB 安全漏洞
CVE-2022-31621MariaDB 安全漏洞
CVE-2022-29362ZKEACMS 跨站脚本漏洞
CVE-2022-30323HashiCorp go-getter 输入验证错误漏洞
CVE-2022-30322HashiCorp go-getter 输入验证错误漏洞
CVE-2022-30321HashiCorp go-getter 命令注入漏洞
CVE-2022-26945HashiCorp go-getter 命令注入漏洞
CVE-2022-30595Pillow 缓冲区错误漏洞
CVE-2021-44974radare2 代码问题漏洞
CVE-2022-29651Online Food Ordering System 代码问题漏洞
CVE-2022-31624MariaDB 安全漏洞
CVE-2022-29379Nginx 缓冲区错误漏洞
CVE-2022-29380Creativeitem Academy-LMS 跨站脚本漏洞
CVE-2021-35487Nokia Broadcast Message Center SQL注入漏洞

Showing top 20 of 29 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2022-28862

No comments yet

Leave a comment