3 matches found
CVE-2017-10936
SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclosure of database information...
CVE-2017-10936
SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclosure of database information...
CVE-2017-10936
ZTE ZXCDN-SNS is affected by an SQL injection in the aoData parameter. In versions prior to 4.01.01, a remote attacker can exploit improper input handling to execute arbitrary SQL commands, leading to disclosure of database contents. Root cause: unsafely crafted input in aoData enables SQL statem...