Filtered by vendor Sciencelogic
Subscriptions
Filtered by product Sl1
Subscriptions
Total
26 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-48602 | 1 Sciencelogic | 1 Sl1 | 2024-10-10 | 8.8 High |
A SQL injection vulnerability exists in the “message viewer print” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | ||||
CVE-2022-48603 | 1 Sciencelogic | 1 Sl1 | 2024-10-10 | 8.8 High |
A SQL injection vulnerability exists in the “message viewer iframe” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | ||||
CVE-2022-48604 | 1 Sciencelogic | 1 Sl1 | 2024-10-10 | 8.8 High |
A SQL injection vulnerability exists in the “logging export” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | ||||
CVE-2022-48599 | 1 Sciencelogic | 1 Sl1 | 2024-10-09 | 8.8 High |
A SQL injection vulnerability exists in the “reporter events type” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | ||||
CVE-2022-48600 | 1 Sciencelogic | 1 Sl1 | 2024-10-09 | 8.8 High |
A SQL injection vulnerability exists in the “notes view” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | ||||
CVE-2022-48601 | 1 Sciencelogic | 1 Sl1 | 2024-10-09 | 8.8 High |
A SQL injection vulnerability exists in the “network print report” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. |