CVE-2022-44786
- Reference to the description:
- Description:
- An issue was discovered in Appalti & Contratti 9.12.2. The target web applications allow Local File Inclusion in any page relying on the href parameter to specify the JSP page to be rendered. This affects ApriPagina.do POST and GET requests to each application.
- Last updated date:
- 11/23/2022
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 11/23/2022
- Reference url to background
https://members.backbox.org/maggioli-appalti-contratti-multiple-vulnerabilities/