CVE-2022-37333

Name of the Vulnerable Software and Affected Versions exceedone/exment versions 5.0.2 and earlier exceedone/exment versions 4.4.2 and earlier exceedone/laravel-admin versions 3.0.0 and earlier exceedone/laravel-admin versions 2.2.2 and earlier

Description The issue is related to a SQL injection vulnerability that allows remote authenticated attackers to execute arbitrary SQL commands. This can potentially enable an attacker to access and manipulate the application's database.

Recommendations For exceedone/exment versions 5.0.2 and earlier, update to a version later than 5.0.2 to resolve the issue. For exceedone/exment versions 4.4.2 and earlier, update to a version later than 4.4.2 to resolve the issue. For exceedone/laravel-admin versions 3.0.0 and earlier, update to a version later than 3.0.0 to resolve the issue. For exceedone/laravel-admin versions 2.2.2 and earlier, update to a version later than 2.2.2 to resolve the issue. As a temporary workaround, consider restricting access to the database to minimize the risk of exploitation.