Vulnerabilities

CVE-2019-17128

by Fred · 09/10/2019

Netreo OmniCenter through 12.1.1 allows unauthenticated SQL Injection (Boolean Based Blind) in the redirect parameters and parameter name of the login page through a GET request. The injection allows an attacker to read sensitive information from the database used by the application.

Date published : 2019-10-09

http://packetstormsecurity.com/files/154763/OmniCenter-12.1.1-SQL-Injection.html

OmniCenter 12 Now Available: Extensible Integration, Unlimited Scalability, and Device Grouping

Similar

Tags: Cybersecurity Alert