Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SQL Injection vulnerability on SCAN_VISIO eDocument Suite Web Viewer from Abast
Vulnerability Description
A SQL Injection has been found on SCAN_VISIO eDocument Suite Web Viewer of Abast. This vulnerability allows an unauthenticated user to retrieve, update and delete all the information of database. This vulnerability was found on login page via "user" parameter.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Abast SCAN_VISIO eDocument Suite Web Viewer 安全漏洞
Vulnerability Description
Abast SCAN_VISIO eDocument Suite Web Viewer是Abast公司的一款文档浏览器。 Abast SCAN_VISIO eDocument Suite Web Viewer 存在安全漏洞,该漏洞源于登陆页面的 user 参数存在 SQL 注入漏洞。未经身份验证的攻击者利用该漏洞可以检索、更新和删除数据库的所有信息。
CVSS Information
N/A
Vulnerability Type
N/A