Vulnerabilities > Sciencelogic

DATE CVE VULNERABILITY TITLE RISK
2023-08-09 CVE-2022-48585 SQL Injection vulnerability in Sciencelogic SL1
A SQL injection vulnerability exists in the “admin brand portal” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query.
network
low complexity
sciencelogic CWE-89
8.8
2023-08-09 CVE-2022-48586 SQL Injection vulnerability in Sciencelogic SL1
A SQL injection vulnerability exists in the “json walker” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query.
network
low complexity
sciencelogic CWE-89
8.8
2023-08-09 CVE-2022-48587 SQL Injection vulnerability in Sciencelogic SL1
A SQL injection vulnerability exists in the “schedule editor” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query.
network
low complexity
sciencelogic CWE-89
8.8
2023-08-09 CVE-2022-48588 SQL Injection vulnerability in Sciencelogic SL1
A SQL injection vulnerability exists in the “schedule editor decoupled” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query.
network
low complexity
sciencelogic CWE-89
8.8
2023-08-09 CVE-2022-48589 SQL Injection vulnerability in Sciencelogic SL1
A SQL injection vulnerability exists in the “reporting job editor” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query.
network
low complexity
sciencelogic CWE-89
8.8
2023-08-09 CVE-2022-48590 SQL Injection vulnerability in Sciencelogic SL1
A SQL injection vulnerability exists in the “admin dynamic app mib errors” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query.
network
low complexity
sciencelogic CWE-89
8.8