Unrated severityNVD Advisory· Published Oct 18, 2022· Updated May 9, 2025

Changing Information Technology Inc. RAVA certificate validation system - SQL Injection

CVE-2022-39056

Description

RAVA certificate validation system has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL command to access, modify and delete database.

Affected products

Changing Information Technology Inc./Rava Certificate Validation Systemv5
Range: 3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.twcert.org.tw/tw/cp-132-6617-109b0-1.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000