1 results (0.000 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

SQL injection vulnerability in the login form in the web interface in Mercator SENTINEL 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Una vulnerabilidad de inyección SQL en el formulario de acceso en la interfaz web de Mercator SENTINEL v2.0 permite a atacantes remotos ejecutar comandos SQL a través de vectores no especificados. • http://cert.netpeas.org/2011/06/cert-nps2011005-vulnerabilite-potentielle-dans-la-solution-de-gestion-de-la-securite-operationnelle-des-compagnies-aeriennes-%C2%AB-sentinel-safety-information-management-system-%C2%BB http://cert.netpeas.org/2011/06/cert-nps2011005-vulnerabilite-potentielle-dans-la-solution-de-gestion-de-la-securite-operationnelle-des-compagnies-aeriennes-suite http://secunia.com/advisories/46014 http://www.kb.cert.org/vuls/id/122142 http://www.securityfocus.com/bid/49638 https://exchange.xforce • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •