CVE-2018-6792
Consolidated view: Saifor CVMS HUB 1.3.1 contains Multiple SQL injection vulnerabilities exploitable by an authenticated user. The flaw allows executing arbitrary SQL commands via multiple POST parameters to /cvms-hub/privado/seccionesmib/secciones.xhtml (parameters j_idt118, j_idt120, j_idt122, ...