Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone to blind sql injection
Vulnerability Description
Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone to blind sql injection. If successfully exploited the user can get info from the underlying postgresql database that could lead into to total compromise of the product. The said script is available with no authentication.
CVSS Information
N/A
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Navarino Infinity SQL注入漏洞
Vulnerability Description
Navarino Infinity是希腊Navarino公司的一套海事带宽管理和优化解决方案。该方案能够用于配备多种类型的船舶。 Navarino Infinity 2.2之前版本中的Web界面存在SQL注入漏洞。远程攻击者可利用该漏洞获取底层postgresql数据库的信息。
CVSS Information
N/A
Vulnerability Type
N/A