CVE-2022-50892

Name of the Vulnerable Software and Affected Versions VIAVIWEB Wallpaper Admin version 1.0

Description The software contains a SQL injection issue that allows attackers to bypass authentication. Attackers can manipulate login credentials, specifically by injecting a payload such as 'admin' or 1=1-- - into the login page to gain unauthorized access to the administrative interface. The vulnerable login page is susceptible to SQL injection attacks through manipulation of login credentials. The login page is the entry point for this issue. The vulnerable parameters include the username and password fields.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.