RSS   Vulnerabilities for 'Omnicenter'   RSS

2019-10-09
 
CVE-2019-17128

CWE-89
 

 
Netreo OmniCenter through 12.1.1 allows unauthenticated SQL Injection (Boolean Based Blind) in the redirect parameters and parameter name of the login page through a GET request. The injection allows an attacker to read sensitive information from the database used by the application.

 


Copyright 2024, cxsecurity.com

 

Back to Top