1 results (0.005 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 3
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 3CVE-2022-1248 – SAP Information System POST Request add_admin.php improper authentication
https://notcve.org/view.php?id=CVE-2022-1248
06 Apr 2022 — A vulnerability was found in SAP Information System 1.0 which has been rated as critical. Affected by this issue is the file /SAP_Information_System/controllers/add_admin.php. An unauthenticated attacker is able to create a new admin account for the web application with a simple POST request. Exploit details were disclosed. Se ha encontrado una vulnerabilidad en SAP Information System versión 1.0, que ha sido calificada como crítica. • https://packetstorm.news/files/id/166609 • CWE-287: Improper Authentication CWE-306: Missing Authentication for Critical Function •