CVSS: 6.4EPSS: 0%CPEs: 10EXPL: 0CVE-2018-6494 – MFSBGN03807 rev.1 - HP Service Manager Software, Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2018-6494
Remote SQL Injection against the HP Service Manager Software Web Tier, version 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, may lead to unauthorized disclosure of data. Vulnerabilidad de inyección SQL en Dolibarr en versiones anteriores a la 7.0.2 permite que atacantes remotos ejecuten comandos SQL arbitrarios mediante el parámetro sortfield en /accountancy/admin/accountmodel.php, /accountancy/admin/categories_list.php, /accountancy/admin/journals_list.php, /admin/dict.php, /admin/mails_templates.php o /admin/website.php. • http://www.securityfocus.com/bid/104141 http://www.securitytracker.com/id/1040902 https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158656 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •