Vulnerabilities > Rukovoditel > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-01-30 CVE-2022-48175 Code Injection vulnerability in Rukovoditel 3.2.1
Rukovoditel v3.2.1 was discovered to contain a remote code execution (RCE) vulnerability in the component /rukovoditel/index.php?module=dashboard/ajax_request.
network
low complexity
rukovoditel CWE-94
critical
 9.8
9.8
2022-12-02 CVE-2022-44945 SQL Injection vulnerability in Rukovoditel 3.2.1
Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the heading_field_id parameter.
network
low complexity
rukovoditel CWE-89
critical
 9.8
9.8
2022-10-28 CVE-2022-43168 SQL Injection vulnerability in Rukovoditel 3.2.1
Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the reports_id parameter.
network
low complexity
rukovoditel CWE-89
critical
 9.8
9.8