Octeth Oempro 4.7 and 4.8 allow SQL injection. The parameter CampaignID in Campaign.Get is vulnerable.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/156113/Octeth-Oempro-4.8-SQL-Injection.html | Exploit Third Party Advisory VDB Entry |
https://github.com/BrunoBulle/Oempro_4.7/blob/master/README.md | Third Party Advisory |
https://www2.octeth.com/blog/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-12-12T02:13:21
Updated: 2020-01-28T17:06:04
Reserved: 2019-12-12T00:00:00
Link: CVE-2019-19740
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-12-12T03:15:11.053
Modified: 2023-01-28T02:44:30.020
Link: CVE-2019-19740
JSON object: View
Redhat Information
No data.
CWE