Vulnerabilities > CVE-2022-44786 - Unspecified vulnerability in Maggioli Appalti & Contratti 9.12.2

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
maggioli
NVD
Published: 2022-11-21
Updated: 2022-11-23

Summary

An issue was discovered in Appalti & Contratti 9.12.2. The target web applications allow Local File Inclusion in any page relying on the href parameter to specify the JSP page to be rendered. This affects ApriPagina.do POST and GET requests to each application.

Vulnerable Configurations

Part Description Count
Application
Maggioli
1

References