Lucene search
K

270 matches found

Prion
Prion
added 2023/08/09 7:15 p.m.16 views

Sql injection

A SQL injection vulnerability exists in the “ticket watchers email” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

6.5CVSS8.8AI score0.00608EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/08/09 7:15 p.m.15 views

Sql injection

A SQL injection vulnerability exists in the “topology data service” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

6.5CVSS8.8AI score0.00596EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/08/09 7:15 p.m.8 views

Sql injection

A SQL injection vulnerability exists in the “reporter events type” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

6.5CVSS8.8AI score0.00608EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/08/09 7:15 p.m.19 views

Sql injection

A SQL injection vulnerability exists in the “logging export” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

6.5CVSS8.8AI score0.00608EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/08/09 7:15 p.m.22 views

Sql injection

A SQL injection vulnerability exists in the “ticket template watchers” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

6.5CVSS8.8AI score0.00608EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/08/09 7:15 p.m.15 views

Sql injection

A SQL injection vulnerability exists in the “message viewer iframe” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

6.5CVSS8.8AI score0.00608EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/08/09 7:15 p.m.15 views

Sql injection

A SQL injection vulnerability exists in the vendorstate parameter of the “vendor print report” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the...

6.5CVSS8.8AI score0.00608EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/08/09 7:15 p.m.10 views

Sql injection

A SQL injection vulnerability exists in the “ticket event report” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

6.5CVSS8.8AI score0.00608EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/08/09 6:35 p.m.35 views

CVE-2022-48604

CVE-2022-48604 affects ScienceLogic SL1, with a SQL injection in the “logging export” feature where unsanitized user input is passed into a SQL query. Multiple sources (including CNNVD and Red Hat) indicate vulnerable versions include SL1 up to at least 11.1.2 (and prior); PT-Security notes no ex...

8.8CVSS8.8AI score0.00608EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/09 6:35 p.m.21 views

CVE-2022-48604

A SQL injection vulnerability exists in the “logging export” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS7.8AI score0.00608EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/09 6:35 p.m.28 views

CVE-2022-48604

A SQL injection vulnerability exists in the “logging export” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS9.1AI score0.00608EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/09 6:34 p.m.25 views

CVE-2022-48603

A SQL injection vulnerability exists in the “message viewer iframe” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS9.1AI score0.00608EPSS
Exploits0References1
CVE
CVE
added 2023/08/09 6:34 p.m.47 views

CVE-2022-48603

The CVE-2022-48603 entry describes a SQL injection vulnerability in ScienceLogic SL1’s “message viewer iframe” feature, where unsanitized user input is passed directly into a SQL query. Affected component: ScienceLogic SL1 (message viewer iframe). Root cause: lack of input sanitization before SQL...

8.8CVSS8.8AI score0.00608EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/09 6:34 p.m.14 views

CVE-2022-48603

A SQL injection vulnerability exists in the “message viewer iframe” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS7.8AI score0.00608EPSS
Exploits0References1
CVE
CVE
added 2023/08/09 6:33 p.m.42 views

CVE-2022-48602

CVE-2022-48602 describes a SQL injection in ScienceLogic SL1's “message viewer print” feature, where unsanitized user-controlled input is passed directly to a SQL query. The affected product is ScienceLogic SL1; the vulnerability stems from lack of input validation in that function, enabling inje...

8.8CVSS8.8AI score0.00608EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/08/09 6:33 p.m.29 views

CVE-2022-48602

A SQL injection vulnerability exists in the “message viewer print” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS9.1AI score0.00608EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/09 6:33 p.m.25 views

CVE-2022-48602

A SQL injection vulnerability exists in the “message viewer print” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS7.8AI score0.00608EPSS
Exploits0References1
CVE
CVE
added 2023/08/09 6:32 p.m.35 views

CVE-2022-48601

CVE-2022-48601 describes a SQL injection in the ScienceLogic SL1 product, specifically the network print report feature where unsanitized input is passed directly to a SQL query. The vulnerability is documented with a high impact (CVSS 3.1 base score 8.8) and network access with low privileges. C...

8.8CVSS8.8AI score0.00608EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/09 6:32 p.m.21 views

CVE-2022-48601

A SQL injection vulnerability exists in the “network print report” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS7.8AI score0.00608EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/09 6:28 p.m.16 views

CVE-2022-48600

A SQL injection vulnerability exists in the “notes view” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS7.8AI score0.00608EPSS
Exploits0References1
Rows per page
Query Builder