CVE-2022-32365

Name of the Vulnerable Software and Affected Versions Product Show Room Site version 1.0

Description The issue concerns SQL Injection. It can be exploited via the "/psrs/admin/fields/manage field.php?id=" endpoint. The estimated number of potentially affected devices worldwide is not specified. Details about real-world incidents where this issue was exploited are not provided.

Recommendations For Product Show Room Site version 1.0, as a temporary workaround, consider restricting access to the "/psrs/admin/fields/manage field.php?id=" endpoint until a patch is available. Avoid using the id parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.