3 matches found
Talariax sendQuick Alertplus Server Admin 4.3 SQL Injection
Dear Full Disclosure Team, We are writing to submit a full disclosure for the following vulnerability discovered for product Talariax sendQuick Alertplus server admin version 4.3. This is an updated reference for https://seclists.org/fulldisclosure/2021/Oct/1...
CVE-2021-26795
A SQL Injection vulnerability in /appliance/shiftmgn.php in TalariaX sendQuick Alert Plus Server Admin 4.3 before 8HF11 allows attackers to obtain sensitive information via a Roster Time to Roster Management...
CVE-2021-26795
CVE-2021-26795 affects TalariaX SendQuick Alert Plus Server Admin 4.3 (prior to 8HF11). The vulnerability is a SQL Injection in /appliance/shiftmgn.php due to insufficient input filtering/escaping, allowing an attacker to obtain sensitive information via Roster Time to Roster Management. Fixed in...