1 results (0.002 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-13068 – QNAP HelpDesk < 1.1.12 - SQL Injection
https://notcve.org/view.php?id=CVE-2017-13068
QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack. QNAP ya ha parcheado esta vulnerabilidad. Este problema de seguridad permite que un atacante remoto realice una inyección SQL en la aplicación y obtenga información sobre la aplicación Helpdesk. • https://www.exploit-db.com/exploits/44060 https://www.qnap.com/en/security-advisory/nas-201709-29 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •