270 matches found
PT-2023-15874 · Sciencelogic · Sciencelogic Sl1
Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the "message viewer print" feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitrary S...
PT-2023-15870 · Sciencelogic · Sciencelogic Sl1
Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the “reporter events type date” feature of the ScienceLogic SL1. This feature takes unsanitized user-controlled input and passes it directly to a SQ...
PT-2023-15858 · Sciencelogic · Sciencelogic Sl1
Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the "json walker" feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitrary SQL that i...
PT-2023-15875 · Sciencelogic · Sciencelogic Sl1
Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the “message viewer iframe” feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitrary...
PT-2023-15862 · Sciencelogic · Sciencelogic Sl1
Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the "admin dynamic app mib errors" feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of...
PT-2023-15873 · Sciencelogic · Sciencelogic Sl1
Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the “network print report” feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitrary S...
PT-2023-15867 · Sciencelogic · Sciencelogic Sl1
Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the "ticket template watchers" feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of arbitra...
PT-2023-15860 · Sciencelogic · Sciencelogic Sl1
Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the "schedule editor decoupled" feature, where unsanitized user-controlled input is passed directly to a SQL query, allowing the injection of...
PT-2023-15856 · Sciencelogic · Sciencelogic Sl1
Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A command injection issue exists in the download and convert report feature, where unsanitized user-controlled input is passed directly to a shell command, allowing the injection o...
PT-2023-15861 · Sciencelogic · Sciencelogic Sl1
Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the “reporting job editor” feature of the ScienceLogic SL1. This feature takes unsanitized user-controlled input and passes it directly to a SQL...