CVE-2020-15925
CVE-2020-15925 describes a SQL injection in Loway QueueMetrics prior to version 19.10.21, exploitable via the TPF_XPAR1 parameter in a tpf URI. The vulnerability is triggered by remote authenticated attackers and can lead to arbitrary SQL execution, impacting data integrity and confidentiality. A...