mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
871 B
871 B
CVE-2019-17128
Description
Netreo OmniCenter through 12.1.1 allows unauthenticated SQL Injection (Boolean Based Blind) in the redirect parameters and parameter name of the login page through a GET request. The injection allows an attacker to read sensitive information from the database used by the application.
POC
Reference
- http://packetstormsecurity.com/files/154763/OmniCenter-12.1.1-SQL-Injection.html
- http://packetstormsecurity.com/files/154763/OmniCenter-12.1.1-SQL-Injection.html
Github
No PoCs found on GitHub currently.