{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T03:25:40.887","vulnerabilities":[{"cve":{"id":"CVE-2022-32964","sourceIdentifier":"twcert@cert.org.tw","published":"2022-08-04T10:15:08.190","lastModified":"2026-06-17T04:48:18.590","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"OMICARD EDM’s API function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to access, modify, delete database or disrupt service."},{"lang":"es","value":"La función de la API de OMICARD EDM no comprueba suficientemente las entradas del usuario. Un atacante remoto no autenticado puede inyectar comandos SQL arbitrarios para acceder, modificar, eliminar la base de datos o interrumpir el servicio"}],"affected":[{"source":"twcert@cert.org.tw","affectedData":[{"vendor":"ITPison","product":"OMICARD EDM","versions":[{"version":"5.8","lessThanOrEqual":"6.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"twcert@cert.org.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:omicard_edm_project:omicard_edm:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8","versionEndIncluding":"6.0","matchCriteriaId":"F11B29BF-543C-4268-B257-E02275F6B969"}]}]}],"references":[{"url":"https://www.chtsecurity.com/news/48032532-b2de-401c-97a8-a2be5691988f","source":"twcert@cert.org.tw","tags":["Third Party Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-6372-f61bc-1.html","source":"twcert@cert.org.tw","tags":["Third Party Advisory"]},{"url":"https://www.chtsecurity.com/news/48032532-b2de-401c-97a8-a2be5691988f","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-6372-f61bc-1.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}