2 matches found
CVE-2022-48601
A SQL injection vulnerability exists in the “network print report” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...
CVE-2022-48601
CVE-2022-48601 describes a SQL injection in the ScienceLogic SL1 product, specifically the network print report feature where unsanitized input is passed directly to a SQL query. The vulnerability is documented with a high impact (CVSS 3.1 base score 8.8) and network access with low privileges. C...