Filtered by vendor Softinventive
Subscriptions
Filtered by product Network Olympus
Subscriptions
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-25225 | 1 Softinventive | 1 Network Olympus | 2024-11-21 | 7.2 High |
Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in '/api/eventinstance' via the 'sqlparameter' JSON parameter. It is also possible to achieve remote code execution in the default installation (PostgreSQL) by exploiting this issue. |
Page 1 of 1.