Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application accepts a user-controlled parameter that is used to create an SQL query. It causes this service to be prone to SQL injection.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
ARCHIBUS Web Central SQL注入漏洞
Vulnerability Description
ARCHIBUS Web Central是ARCHIBUS的一个web网络管理中心,在直观的 Web 浏览器界面中组织设施和基础设施管理任务。所有基础设施数据都存储在一个集中存储库中,以便来自世界任何地方的授权用户都可以输入、编辑和监控这些数据。 ARCHIBUS Web Central 2022.03.01.107版本存在安全漏洞,该漏洞源于应用程序公开的服务接受用户控制的参数,该参数用于创建SQL查询容易导致SQL注入。
CVSS Information
N/A
Vulnerability Type
N/A