3 matches found
CVE-2022-48588
A SQL injection vulnerability exists in the “schedule editor decoupled” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...
CVE-2022-48588
A SQL injection vulnerability exists in the “schedule editor decoupled” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...
CVE-2022-48588
CVE-2022-48588 is a confirmed SQL injection vulnerability in the “schedule editor decoupled” feature of ScienceLogic SL1 . Multiple connected sources (e.g., Red Hat CVE entry, CNVD-2023-66420, and others) describe that unsanitized, user-controlled input is passed directly into a SQL query, enabli...