5 matches found
PT-2025-23621 · Unicom · Unicom Focal Point
Name of the Vulnerable Software and Affected Versions: Unicom Focal Point version 7.6.1 Description: An issue was discovered in ReportController, allowing a user with administrative privilege to perform SQL injection via the image parameter during a delete report image operation. Recommendations:...
SQL Injection
CFME is vulnerable to SQL injection. An input sanitization flaw was found in the savedreportdelete action in the ReportController. An authenticated Management Engine user could use this flaw to perform an SQL injection attack on the Management Engine back end database...
CVE-2014-0137
SQL injection vulnerability in the savedreportdelete action in the ReportController in Red Hat CloudForms Management Engine CFME before 5.2.3.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, related to MiqReportResult.exists...
Sql injection
SQL injection vulnerability in the savedreportdelete action in the ReportController in Red Hat CloudForms Management Engine CFME before 5.2.3.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, related to MiqReportResult.exists...
CVE-2014-0137
SQL injection vulnerability in the savedreportdelete action in the ReportController in Red Hat CloudForms Management Engine CFME before 5.2.3.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, related to MiqReportResult.exists...