VYPR

Bonanza Wealth Management System

by Bonanza Wealth Management System

CVEs (1)

  • CVE-2022-30335CriMay 9, 2022
    risk 0.64cvss 9.8epss 0.01

    Bonanza Wealth Management System (BWM) 7.3.2 allows SQL injection via the login form. Users who supply the application with a SQL injection payload in the User Name textbox could collect all passwords in encrypted format from the Microsoft SQL Server component.