CVE-2022-3800

Description

A vulnerability, which was classified as critical, has been found in IBAX go-ibax. Affected by this issue is some unknown functionality of the file /api/v2/open/rowsInfo. The manipulation of the argument table_name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212636.

NVD
Severity: HIGH
CVE ID: CVE-2022-3800
CVSS Score: 8.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

VulDB
Severity: MEDIUM
CVE ID: CVE-2022-3800
CVSS Score: 6.3
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Refrence: NVD MITRE

Proof Of Concept

Nuclei Templates for CVE-2022-3800

Refrence: Project Discovery GitHub

Description​

Proof Of Concept​

Description

Proof Of Concept