A vulnerability was found in DHIS 2 2.32/2.33/2.34/2.35/2.36 and classified as critical. Affected by this issue is an unknown code of the file /api/trackedEntityInstances of the component API Endpoint. Applying a patch is able to eliminate this problem.
DHIS 2 2.32/2.33/2.34/2.35/2.36 API Endpoint trackedEntityInstances sql injection
- Virtual Patching
- November 2, 2021
- 1:04 pm
Contact us to get started
CVE-2022-32405 : SOURCECODESTER PRISON MANAGEMENT SYSTEM 1.0 VIEW_PRISON.PHP ID SQL INJECTION
Description Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/prisons/view_prison.php:4 References
CVE-2022-20651 : CISCO ADAPTIVE SECURITY DEVICE MANAGER LOG FILE
Description A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker
CVE-2022-32549 : APACHE SLING COMMONS LOG/SLING API NEUTRALIZATION FOR LOGS
Description Apache Sling Commons Log