Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0
Vulnerability Description
A SQL Injection vulnerability was discovered in the Alert functionality due to improper validation of an input parameter. An authenticated user with limited privileges can execute arbitrary SQL statements on the DBMS used by the web application, potentially exposing unauthorized data, altering their structure and content, and/or affecting their availability.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Nozomi Networks Guardian/CMC SQL注入漏洞
Vulnerability Description
Nozomi Networks Guardian/CMC是美国Nozomi Networks公司的一个中央管理控制台。 Nozomi Networks Guardian/CMC存在SQL注入漏洞,该漏洞源于Alert功能中输入参数验证不当,可能导致SQL注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A