Vulnerabilities > Saifor > Cvms HUB

DATE CVE VULNERABILITY TITLE RISK
2018-02-07 CVE-2018-6792 SQL Injection vulnerability in Saifor Cvms HUB 1.3.1
Multiple SQL injection vulnerabilities in Saifor CVMS HUB 1.3.1 allow an authenticated user to execute arbitrary SQL commands via multiple parameters to the /cvms-hub/privado/seccionesmib/secciones.xhtml resource.
network
low complexity
saifor CWE-89
6.5
6.5