CRITICAL
Database Software
CVE published 2022-09-21
CVE-2022-2315
A critical unauthenticated SQL injection vulnerability exists in Databank's Accreditation Tracking/Presentation Module prior to version 2. The vulnerability allows remote attackers to execute arbitrary SQL commands without authentication, potentially leading to complete database compromise. The CVSS 3.1 score of 9.4 reflects network attack vector, low attack complexity, no privileges required, no user int [truncated]