2 matches found
CVE-2021-36385
A SQL Injection vulnerability in Cerner Mobile Care 5.0.0 allows remote unauthenticated attackers to execute arbitrary SQL commands via a Fullwidth Apostrophe aka U+FF07 in the default.aspx User ID field. Arbitrary system commands can be executed through the use of xpcmdshell...
CVE-2021-36385
CVE-2021-36385 (Cerner Mobile Care 5.0.0) describes a SQL Injection vulnerability that allows remote unauthenticated attackers to execute arbitrary SQL commands by injecting a Fullwidth Apostrophe (U+FF07) into the default.aspx User ID field. The attack can lead to arbitrary system command execut...