DHIS 2 2.32/2.33/2.34/2.35/2.36 API Endpoint trackedEntityInstances sql injection

A vulnerability was found in DHIS 2 2.32/2.33/2.34/2.35/2.36 and classified as critical. Affected by this issue is an unknown code of the file /api/trackedEntityInstances of the component API Endpoint. Applying a patch is able to eliminate this problem.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-32405 : SOURCECODESTER PRISON MANAGEMENT SYSTEM 1.0 VIEW_PRISON.PHP ID SQL INJECTION

CVE-2022-32405 : SOURCECODESTER PRISON MANAGEMENT SYSTEM 1.0 VIEW_PRISON.PHP ID SQL INJECTION

Description Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/prisons/view_prison.php:4 References

CVE-2022-20651 : CISCO ADAPTIVE SECURITY DEVICE MANAGER LOG FILE

CVE-2022-20651 : CISCO ADAPTIVE SECURITY DEVICE MANAGER LOG FILE

Description A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker