4 matches found
CVE-2020-11942
An issue was discovered in Open-AudIT 3.2.2. There are Multiple SQL Injections...
CVE-2020-11942
Open-AudIT 3.2.2 contains SQL injection in device scripts via unsanitized parameters system.class and system.discovery_id, enabling an attacker to modify or execute arbitrary SQL statements (e.g., via crafted requests to /devices). PoC shows TRUE/FALSE payloads returning different response sizes,...
CVE-2020-11942
An issue was discovered in Open-AudIT 3.2.2. There are Multiple SQL Injections...
Open-AudIT Multiple Vulnerabilities
Advisory ID Internal CORE-2020-0009 1. Advisory Information Title: Open-AudIT Multiple Vulnerabilities Advisory ID: CORE-2020-0009 Advisory URL: https://www.coresecurity.com/advisories/open-audit-multiple-vulnerabilities Date published: 2020-04-27 Date of last update: 2020-04-24 Vendors...