漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
An unauthenticated blind SQL injection vulnerability exists in RSI Queue Management System v3.0 within the TaskID parameter of the get request handler. Attackers can remotely inject time-delayed SQL payloads to induce server response delays, enabling time-based inference and iterative extraction of sensitive database contents without authentication.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
RSI Queue Management System 安全漏洞
Vulnerability Description
RSI Queue Management System是RSI Queue公司的一个零售、医疗或服务行业专用的智能排队管理系统。 RSI Queue Management System v3.0版本存在安全漏洞,该漏洞源于TaskID参数处理不当,可能导致未经验证的盲SQL注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A