CVE-2022-1083

Name of the Vulnerable Software and Affected Versions Microfinance Management System (affected versions not specified)

Description A critical issue has been discovered, allowing for SQL injection through the manipulation of arguments such as customer type number, account number, account status number, and account type number. This can be achieved by providing a specific input, for example, ' and (select * from(select(sleep(10)))Avx) and 'abc' = 'abc, enabling a remote attack.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.