Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in Saifor CVMS HUB 1.3.1 allow an authenticated user to execute arbitrary SQL commands via multiple parameters to the /cvms-hub/privado/seccionesmib/secciones.xhtml resource. The POST parameters are j_idt118, j_idt120, j_idt122, j_idt124, j_idt126, j_idt128, and j_idt130 under formularioGestionarSecciones:tablaSeccionesMib:*:filter. The GET parameter is nombreAgente.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Saifor CVMS HUB SQL注入漏洞
Vulnerability Description
Saifor CVMS HUB是西班牙Saifor团队的一套数据中心可视化管理系统。 Saifor CVMS HUB 1.3.1版本中存在多个SQL注入漏洞。远程攻击者可通过向/cvms-hub/privado/seccionesmib/secciones.xhtml发送多个参数利用该漏洞执行任意SQL命令。(多个参数包括:j_idt118、j_idt120、j_idt122、j_idt124、j_idt126、j_idt128和j_idt130)
CVSS Information
N/A
Vulnerability Type
N/A