CVE-2022-44790
published 2022-12-09CVE-2022-44790: Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to…
PriorityP347high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.60%
44.2th percentile
Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| interspire | email_marketer | <= 6.5.1 | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
vendor_oracle9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xg52-54c7-pvc7: Interspire Email Marketer through 6
ghsa_unreviewed·2022-12-09
CVE-2022-44790 [HIGH] CWE-89 GHSA-xg52-54c7-pvc7: Interspire Email Marketer through 6
Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists.
Oracle
Oracle Oracle Communications Risk Matrix: Management (Apache HTTP Server) — CVE-2021-44790
vendor_oracle·2022-10-15·CVSS 9.8
CVE-2021-44790 [CRITICAL] Oracle Oracle Communications Risk Matrix: Management (Apache HTTP Server) — CVE-2021-44790
Oracle Oracle Communications Risk Matrix: Management (Apache HTTP Server) vulnerability
CVE: CVE-2021-44790
CVSS: 9.8
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpuoct2022 (OCT 2022)
Oracle
Oracle Oracle Communications Risk Matrix: Security (Apache HTTP Server) — CVE-2021-44790
vendor_oracle·2022-04-15·CVSS 9.8
CVE-2021-44790 [CRITICAL] Oracle Oracle Communications Risk Matrix: Security (Apache HTTP Server) — CVE-2021-44790
Oracle Oracle Communications Risk Matrix: Security (Apache HTTP Server) vulnerability
CVE: CVE-2021-44790
CVSS: 9.8
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpuapr2022 (APR 2022)
Oracle
Oracle Oracle Construction and Engineering Risk Matrix: Core (Apache HTTP Server) — CVE-2021-44790
vendor_oracle·2022-01-15·CVSS 9.8
CVE-2021-44790 [CRITICAL] Oracle Oracle Construction and Engineering Risk Matrix: Core (Apache HTTP Server) — CVE-2021-44790
Oracle Oracle Construction and Engineering Risk Matrix: Core (Apache HTTP Server) vulnerability
CVE: CVE-2021-44790
CVSS: 9.8
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpujan2022 (JAN 2022)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-12-09
Published