Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A SQL injection vulnerability in softwareupdate_controller.php in the Software Update module before 1.6 for MunkiReport allows attackers to execute arbitrary SQL commands via the last URL parameter of the /module/softwareupdate/get_tab_data/ endpoint.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Munkireport Software Update SQL注入漏洞
Vulnerability Description
Munkireport是一款用于Munki软件管理程序的报告工具。Software Update是其中的一个软件更新模块。 MunkiReport中的Software Update 1.6之前版本的softwareupdate_controller.php文件存在SQL注入漏洞。攻击者可借助/module/softwareupdate/get_tab_data/端点利用该漏洞执行任意SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A