{"api_version":"1","generated_at":"2026-04-23T09:06:00+00:00","cve":"CVE-2022-44790","urls":{"html":"https://cve.report/CVE-2022-44790","api":"https://cve.report/api/cve/CVE-2022-44790.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-44790","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-44790"},"summary":{"title":"CVE-2022-44790","description":"Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2022-12-09 21:15:00","updated_at":"2022-12-14 15:11:00"},"problem_types":["CWE-89"],"metrics":[],"references":[{"url":"https://www.interspire.com/security-bulletin-2022-44790/","name":"https://www.interspire.com/security-bulletin-2022-44790/","refsource":"MISC","tags":[],"title":"Security Bulletin. Vulnerability found in Email Marketer v6.0.0 through v6.5.1 - Interspire","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-44790","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-44790","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"44790","vulnerable":"1","versionEndIncluding":"6.5.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"interspire","cpe5":"email_marketer","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2022-44790","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Interspire Email Marketer through 6.5.1 allows SQL Injection via the surveys module. An unauthenticated attacker could successfully perform an attack to extract potentially sensitive information from the database if the survey id exists."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://www.interspire.com/security-bulletin-2022-44790/","url":"https://www.interspire.com/security-bulletin-2022-44790/"}]}},"nvd":{"publishedDate":"2022-12-09 21:15:00","lastModifiedDate":"2022-12-14 15:11:00","problem_types":["CWE-89"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:interspire:email_marketer:*:*:*:*:*:*:*:*","versionEndIncluding":"6.5.1","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}