3 matches found
CVE-2022-48587
A SQL injection vulnerability exists in the “schedule editor” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...
CVE-2022-48587
A SQL injection vulnerability exists in the “schedule editor” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...
CVE-2022-48587
CVE-2022-48587 affects ScienceLogic SL1, where the schedule editor passes unsanitized user input directly into SQL queries, enabling SQL injection. The vulnerability is confirmed across multiple sources/specifications and has a CVSS v3.1 base score of 8.8 (HIGH) with network attack vector, low at...