Lucene search
PRIOn knowledge basePRION:CVE-2020-7356HistoryAug 06, 2020 - 4:15 p.m.
Sql injection
2020-08-0616:15:00
PRIOn knowledge base
www.prio-n.com
23
CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter ‘wayfinder_seqid’ in wayfinder_meeting_input.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code and execute SYSTEM commands.
Related
zdt
zdt
Cayin xPost 2.5 SQL Injection / Remote Code Execution Exploit
2020-06-18 00:00:00
cvelist
cvelist
CVE-2020-7356 Cayin xPost SQL Injection
2020-04-06 00:00:00
zeroscience
zeroscience
Cayin Digital Signage System xPost 2.5 Pre-Auth SQLi Remote Code Execution
2020-06-04 00:00:00
packetstorm
packetstorm
Cayin xPost 2.5 SQL Injection / Remote Code Execution
2020-06-18 00:00:00
cve
cve
CVE-2020-7356
2020-08-06 16:15:13
attackerkb
attackerkb
CVE-2020-7356
2020-04-06 00:00:00
checkpoint_advisories
checkpoint_advisories
CAYIN xPost Remote Code Execution (CVE-2020-7356)
2020-11-16 00:00:00
nvd
nvd
CVE-2020-7356
2020-08-06 16:15:13