CVE-2019-10852

Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring.
Source: NIST
CVE-2019-10852

Leave a Reply

Your email address will not be published.