3 matches found
CVE-2020-28860
creationtimestamp| type| source ---|---|--- 2020-12-14 22:39:37+00:00| seen| https://t.me/cibsecurity/20774...
CVE-2020-28860
OpenAsset Digital Asset Management (DAM) up to 12.0.19 is affected by an authenticated blind SQL injection caused by improper sanitization of user input in SQL queries. The vulnerability is triggered via the /AJAXPage/SearchResults endpoint, using the currentSearchItems parameter, allowing an att...
OpenAsset Digital Asset Management SQL Injection
Title: Authenticated blind SQL injection SQLi Product: OpenAsset Digital Asset Management by OpenAsset Vendor Homepage: https://www.openasset.com/ Vulnerable Version: 12.0.19 Cloud 11.2.1 On-premise Fixed Version: 12.0.23 Cloud 11.4.10 On-premise CVE Number: CVE-2020-28860 Author: Jack Misiura fr...