8 matches found
EUVD-2019-19904
i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the objGroupID parameter. Attackers can send GET requests with crafted SQL payloads in the objGroupID parameter to extract sensitive...
CVE-2019-25581
i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the objGroupID parameter. Attackers can send GET requests with crafted SQL payloads in the objGroupID parameter to extract sensitive...
CVE-2019-25581 i-doit CMDB 1.12 SQL Injection via objGroupID Parameter
i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the objGroupID parameter. Attackers can send GET requests with crafted SQL payloads in the objGroupID parameter to extract sensitive...
CVE-2019-25581 i-doit CMDB 1.12 SQL Injection via objGroupID Parameter
i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the objGroupID parameter. Attackers can send GET requests with crafted SQL payloads in the objGroupID parameter to extract sensitive...
CVE-2019-25581
CVE-2019-25581 affects i-doit CMDB 1.12 and is an SQL injection vulnerability in the objGroupID parameter. An unauthenticated attacker can send crafted GET requests to inject SQL, potentially exfiltrating sensitive database information such as usernames, database names, and version details. The v...
PT-2026-26929
i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the objGroupID parameter. Attackers can send GET requests with crafted SQL payloads in the objGroupID parameter to extract sensitive...
i-doit CMDB 1.12 SQL Injection
Exploit Title: i-doit CMDB 1.12 - SQL Injection Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12 Category: Webapps Tested on:...
i-doit CMDB 1.12 - SQL Injection
i-doit CMDB 1.12 - SQL Injection Exploit Title: i-doit CMDB 1.12 - SQL Injection Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12...