Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A blind SQL injection vulnerability in search form in TeamMate+ Audit version 28.0.19.0 allows any authenticated user to create malicious SQL injections, which can result in complete database compromise, gaining information about other users, unauthorized access to audit data etc.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Wolters Kluwer TeamMate+ Audit SQL注入漏洞
Vulnerability Description
Wolters Kluwer TeamMate+ Audit是荷兰Wolters Kluwer公司的一款基于云的审计管理工具。适用于各种规模的企业,以提高跨部门和组织级别的内部审计的可见性、效率和一致性。 Wolters Kluwer TeamMate+ Audit 28.0.19.0版本存在SQL注入漏洞,该漏洞源于搜索表单中缺少对于SQL数据的过滤和转义。攻击者利用该漏洞可以获取有关其他用户的信息或者未经授权访问审计数据。
CVSS Information
N/A
Vulnerability Type
N/A