Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unisoon UltraLog Express - SQL Injection
Vulnerability Description
UltraLog Express device management interface does not properly filter user inputted string in some specific parameters, attackers can inject arbitrary SQL command.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Unisoon UltraLog Express SQL注入漏洞
Vulnerability Description
Unisoon UltraLog Express是中国台湾优立讯(Unisoon)公司的一套电话录音系统。 Unisoon UltraLog Express中的管理界面存在SQL注入漏洞,该漏洞源于程序没有正确过滤特定参数中用户提交的字符串。远程攻击者可借助特制SQL语句利用该漏洞访问、添加、修改或删除后端数据库中的信息。
CVSS Information
N/A
Vulnerability Type
N/A