2 matches found
CVE-2022-48584
A command injection vulnerability exists in the download and convert report feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...
CVE-2022-48584
CVE-2022-48584 describes a command-injection in ScienceLogic SL1’s Download and Convert Reports feature. The vulnerability stems from unsanitized user-controlled input being passed to a shell command, enabling arbitrary command execution on the underlying OS. Documents specify affected software a...