A SQL injection vulnerability at a tpf URI in Loway QueueMetrics before 19.10.21 allows remote authenticated attackers to execute arbitrary SQL commands via the TPF_XPAR1 parameter.
References
Link | Resource |
---|---|
https://blog.divisionzero.co/2020/08/12/cve-2020-15925/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-08-13T13:46:47
Updated: 2020-08-13T13:46:47
Reserved: 2020-07-24T00:00:00
Link: CVE-2020-15925
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-08-13T14:15:20.610
Modified: 2020-08-19T20:54:05.700
Link: CVE-2020-15925
JSON object: View
Redhat Information
No data.
CWE