Maggioli Appalti & Contratti — known CVE vulnerabilities
Every CVE whose affected-product data names Maggioli Appalti & Contratti, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-44785 — CVSS 9.8 (critical): An issue was discovered in Appalti & Contratti 9.12.2. The target web applications are subject to multiple SQL Injection vulnerabilities…
CVE-2022-44784 — CVSS 8.8 (high): An issue was discovered in Appalti & Contratti 9.12.2. The target web applications LFS and DL229 expose a set of services provided by the…
CVE-2022-44786 — CVSS 7.5 (high): An issue was discovered in Appalti & Contratti 9.12.2. The target web applications allow Local File Inclusion in any page relying on the…
CVE-2022-44788 — CVSS 6.5 (medium): An issue was discovered in Appalti & Contratti 9.12.2. It allows Session Fixation. When a user logs in providing a JSESSIONID cookie that…
CVE-2022-44787 — CVSS 6.1 (medium): An issue was discovered in Appalti & Contratti 9.12.2. The web applications are vulnerable to a Reflected Cross-Site Scripting issue. The…