1 results (0.001 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-42405
https://notcve.org/view.php?id=CVE-2023-42405
SQL injection vulnerability in FIT2CLOUD RackShift v1.7.1 allows attackers to execute arbitrary code via the `sort` parameter to taskService.list(), bareMetalService.list(), and switchService.list(). Vulnerabilidad de inyección SQL en FIT2CLOUD RackShift v1.7.1 permite a atacantes ejecutar código arbitrario a través del parámetro `sort` en taskService.list(), bareMetalService.list() y switchService.list(). • https://github.com/fit2cloud/rackshift/issues/79 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •