An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. An unauthenticated attacker can send a crafted HTTP request to perform a blind time-based SQL Injection. The vulnerable parameter is param1.
CPE | Name | Operator | Version |
---|---|---|---|
aurall_rec_monitor | eq | 9.0.0.1 |