5 matches found
CVE-2022-48580
A command injection vulnerability exists in the ARP ping device tool feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...
ScienceLogic SL1 SQL注入漏洞
ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...
PT-2023-15858 · Sciencelogic · Sciencelogic Sl1
Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the "json walker" feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitrary SQL that i...
ScienceLogic SL1 SQL注入漏洞
ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...
ScienceLogic SL1 SQL注入漏洞
ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...