Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNVD
CNVDadded 2023/08/12 12:0 a.m.12 views

ScienceLogic SL1 SQL Injection Vulnerability (CNVD-2023-66419)

ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...

8.8CVSS8.1AI score0.00099EPSS
Exploits0References1
Prion
Prionadded 2023/08/09 6:15 p.m.16 views

Sql injection

A SQL injection vulnerability exists in the “reporting job editor” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

6.5CVSS8.8AI score0.00099EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2023/08/09 5:54 p.m.12 views

CVE-2022-48589

A SQL injection vulnerability exists in the “reporting job editor” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS9.1AI score0.00099EPSS
Exploits0References1
CVE
CVEadded 2023/08/09 5:54 p.m.48 views

CVE-2022-48589

CVE-2022-48589 is a SQL injection vulnerability in the ScienceLogic SL1 platform, specifically in the “reporting job editor” that unsafely passes user-controlled input to SQL queries. Affected component is SL1’s reporting job editor; root cause is unsanitized input reaching the database. The NVD ...

8.8CVSS8.8AI score0.00099EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/08/09 5:54 p.m.10 views

CVE-2022-48589

A SQL injection vulnerability exists in the “reporting job editor” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS7.8AI score0.00099EPSS
Exploits0References1
CNVD
CNVDadded 2020/06/12 12:0 a.m.2 views

Unspecified Vulnerability in Software- und Organisations-Service SOS JobScheduler

Software- und Organisations-Service SOS JobScheduler is a suite of open source, enterprise-class scheduling and process automation software from Software- und Organisations-Service, Germany. A security vulnerability exists in the JOE Job Editor component of Software- und Organisations-Service SOS...

7.5CVSS7AI score0.04538EPSS
Exploits6References1
OSV
OSVadded 2020/06/11 2:15 p.m.1 views

CVE-2020-12712

A vulnerability based on insecure user/password encryption in the JOE job editor component of SOS JobScheduler 1.12 and 1.13 allows attackers to decrypt the user/password that is optionally stored with a user's profile...

7.5CVSS7.1AI score
Exploits0References4
Rows per page
Query Builder