06 Fév 2018
CVE-2018-6792 - CVE Vulnerability
Multiple SQL injection vulnerabilities in Saifor CVMS HUB 1.3.1 allow an authenticated user to execute arbitrary SQL commands via multiple parameters to the /cvms-hub/privado/seccionesmib/secciones.xhtml resource. The POST parameters are j_idt118, j_idt120, j_idt122, j_idt124, j_idt126, j_idt128, and j_idt130 under formularioGestionarSecciones:tablaSeccionesMib:*:filter. The GET parameter is nombreAgente. (CVSS:0.0) (Last Update:2018-02-06)
Vulnerability Details : Multiple SQL injection vulnerabilities in Saifor CVMS HUB 1.3.1 allow an authenticated user to execute arbitrary SQL commands via multiple parameters to the /cvms-hub/privado/seccionesmib/secciones.xhtml resource. The POST parameters are j_idt118, j_idt120, j_idt122, j_idt124, j_idt126, j_idt128, and j_idt130 under formularioGestionarSecciones:tablaSeccionesMib:*:filter. The GET parameter is nombreAgente. Publish Date : 2018-02-06 Last Update Date : 2018-02-06 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2018-6792
- References For CVE-2018-6792
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2018-6792There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |