Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in Ip Reg 0.3 allow remote attackers to execute arbitrary SQL commands via the vlan_id parameter to (1) vlanview.php, (2) vlanedit.php, and (3) vlandel.php; the (4) assetclassgroup_id parameter to assetclassgroupview.php; the (5) subnet_id parameter to nodelist.php; and unspecified other vectors. NOTE: it was later reported that the vlanview.php and vlandel.php vectors are also in 0.4.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IP_Reg 多个SQL注入漏洞
Vulnerability Description
Ip Reg中的多个SQL注入漏洞。远程攻击者可以借助对以下文件中的vlan_id参数执行任意SQL指令(1)vlanview.php, (2) vlanedit.php,以及(3) vlandel.php;(4)assetclassgroupview.php中的assetclassgroup_id参数;(5) nodelist.php中的subnet_id参数;以及其它未明向量。
CVSS Information
N/A
Vulnerability Type
N/A