01642 06 11 11 Arrange Call

Authenticated Blind SQL Injection in Computrols CBAS 18.0.0 via id GET Parameter

CVE-2019-10852 · MEDIUM

CVE-2019-10852

Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.