The attacker could get access to the database. The SQL injection is in the username parameter at the login panel: username: admin'--
9.8CVSS
9.7AI Score
0.001EPSS
attacker needs to craft a SQL payload. the vulnerable parameter is "agentid" must be authenticated to the admin panel.
7.2CVSS
6.9AI Score
0.001EPSS