Vulnerabilities > Sciencelogic
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-18 | CVE-2024-9537 | Unspecified vulnerability in Sciencelogic SL1 ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. | 9.8 |
| 2023-08-09 | CVE-2022-48591 | SQL Injection vulnerability in Sciencelogic SL1 A SQL injection vulnerability exists in the vendor_state parameter of the “vendor print report” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. | 8.8 |
| 2023-08-09 | CVE-2022-48592 | SQL Injection vulnerability in Sciencelogic SL1 A SQL injection vulnerability exists in the vendor_country parameter of the “vendor print report” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. | 8.8 |
| 2023-08-09 | CVE-2022-48593 | SQL Injection vulnerability in Sciencelogic SL1 A SQL injection vulnerability exists in the “topology data service” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. | 8.8 |
| 2023-08-09 | CVE-2022-48594 | SQL Injection vulnerability in Sciencelogic SL1 A SQL injection vulnerability exists in the “ticket watchers email” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. | 8.8 |
| 2023-08-09 | CVE-2022-48595 | SQL Injection vulnerability in Sciencelogic SL1 A SQL injection vulnerability exists in the “ticket template watchers” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. | 8.8 |
| 2023-08-09 | CVE-2022-48596 | SQL Injection vulnerability in Sciencelogic SL1 A SQL injection vulnerability exists in the “ticket queue watchers” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. | 8.8 |
| 2023-08-09 | CVE-2022-48597 | SQL Injection vulnerability in Sciencelogic SL1 A SQL injection vulnerability exists in the “ticket event report” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. | 8.8 |
| 2023-08-09 | CVE-2022-48598 | SQL Injection vulnerability in Sciencelogic SL1 A SQL injection vulnerability exists in the “reporter events type date” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. | 8.8 |
| 2023-08-09 | CVE-2022-48599 | SQL Injection vulnerability in Sciencelogic SL1 A SQL injection vulnerability exists in the “reporter events type” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. | 8.8 |