PT-2022-27188 · Unknown · Sanitization Management System

Bgp-Ospf · Published 2022-12-02 · Updated 2022-12-03 · CVE-2022-44348

CVSS v3.1: 7.2 (High)

Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Sanitization Management System version 1.0

Description

The issue is a SQL injection in the "/php-sms/admin/orders/update status.php?id=" endpoint. The id parameter is vulnerable: SQL code injected through it can potentially manipulate the database queries the endpoint runs.

Recommendations

For Sanitization Management System version 1.0, as a temporary workaround, consider restricting access to the "/php-sms/admin/orders/update status.php?id=" endpoint until a patch is available. Avoid using the id parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
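
While the endpoint remains unpatched, web server access logs can be checked for requests that pass a non-numeric id to it. The following is an added example, not part of the advisory or of the product's code. The combined-style log format, the sample lines, the rule that an order id is a short decimal number, and the acceptance of an underscore in place of the space printed in the file name are all assumptions.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Endpoint from the advisory. The page prints the file name with a space;
# accepting an underscore as well is an assumption about the on-disk name.
ENDPOINT = re.compile(r"^/php-sms/admin/orders/update[ _]status\.php$", re.I)
# Request line as found in an Apache/nginx "combined" access log (assumed format).
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [02/Dec/2022:10:00:01 +0000] "GET /php-sms/admin/orders/update_status.php?id=7 HTTP/1.1" 200 512',
    '203.0.113.9 - - [02/Dec/2022:10:00:07 +0000] "GET /php-sms/admin/orders/update%20status.php?id=7%27 HTTP/1.1" 200 498',
    '203.0.113.9 - - [02/Dec/2022:10:00:09 +0000] "GET /php-sms/admin/orders/update_status.php?id=7+OR+1%3D1 HTTP/1.1" 200 2048',
    '198.51.100.2 - - [02/Dec/2022:10:01:00 +0000] "GET /php-sms/admin/?page=orders&id=abc HTTP/1.1" 200 900',
]


def suspicious_id(value):
    """Treat anything other than 1-10 decimal digits as suspicious (assumed id shape)."""
    return not re.fullmatch(r"\d{1,10}", value)


def scan(lines):
    """Return (line_number, decoded_id) for endpoint requests with a non-numeric id."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        # Decode the path first so %20 and other encodings cannot hide the endpoint.
        if not ENDPOINT.match(unquote(url.path)):
            continue
        # parse_qs percent-decodes values; a repeated id parameter yields several values.
        for value in parse_qs(url.query, keep_blank_values=True).get("id", []):
            if suspicious_id(value):
                hits.append((number, value))
    return hits


if __name__ == "__main__":
    for number, value in scan(SAMPLE_LOG):
        print(f"line {number}: suspicious id {value!r}")
```

The same digits-only check is a reasonable server-side validation for the id parameter; a flagged log line indicates a request worth reviewing, not a confirmed compromise.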

Exploit

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2022-44348

Affected Products

Sanitization Management System