Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A SQL injection vulnerability in azurWebEngine in Sita AzurCMS through 1.2.3.12 allows an authenticated attacker to execute arbitrary SQL commands via the id parameter to mesdocs.ajax.php in azurWebEngine/eShop. By default, the query is executed as DBA.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sita AzurCMS SQL注入漏洞
Vulnerability Description
Sita AzurCMS是卢森堡Sita公司的一个远程办公解决方案。用于远程办公、集群存储和虚拟化。 Sita AzurCMS 存在SQL注入漏洞,该漏洞源于Sita AzurCMS中的azurWebEngine在1.2.3.12中存在SQL注入漏洞。攻击者可利用该漏洞通过azurWebEngine eShop中的mesdocs.ajax.php的id参数执行任意SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A