Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console before 2.2 build 36 allow remote attackers to execute arbitrary SQL commands via the (1) TerminalId, (2) ModelName, or (3) ApplicationName parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
VeriCentre Web Console 多个SQL注入漏洞
Vulnerability Description
VeriCentre是一款基于WEB的管理系统。 VeriCentre Web Console 2.2 build 36之前版本中存在多个SQL注入漏洞。这些漏洞源于通过‘TerminalId’、‘ModelName’以及‘ApplicationName’参数传送到WebConsole/terminal/paramedit.aspx的输入在被用于执行SQL查询前没有受到正确的验证。攻击者利用该漏洞通过注入任意SQL代码执行SQL查询操作。
CVSS Information
N/A
Vulnerability Type
N/A