Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Progress MOVEit Transfer before 2021.0 (13.0), a SQL injection vulnerability has been found in the MOVEit Transfer web app that could allow an authenticated attacker to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or destroy database elements. This is in MOVEit.DMZ.WebApp in SILHuman.vb.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Progress Software MOVEit Transfer SQL注入漏洞
Vulnerability Description
Progress Software MOVEit Transfer是美国Progress Software公司的一套文件传输软件。 Progress MOVEit Transfer 2021.0之前版本存在SQL注入漏洞,该漏洞允许经过认证的攻击者可利用该漏洞获得对MOVEit Transfer数据库的非授权访问。
CVSS Information
N/A
Vulnerability Type
N/A