2 matches found
Opsview pre 4.4.1 - Blind SQL Injection
No description provided by source. CVE-2013-5694 Blind SQL Injection in Ops View Versions: Opsview pre 4.4.1 Author: J. Oquendo joquendo at e-fensive dot net I. ADVISORY Title: Blind SQL Injection in OpsView Date published: 2013-10-28 Vendor contacted: 2013-09-04 II. BACKGROUND Opsview is a syste...
CVE-2013-5694
Opsview has a SQL injection vulnerability (CVE-2013-5694) in the status/service/acknowledge function accessible via POST to /status/service/acknowledge. The vulnerability affects Opsview versions pre-4.4.1 and is triggered by the service_selection parameter, allowing an attacker to inject SQL and...