Vulnerabilities > Sciencelogic > SL1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-09 | CVE-2022-48585 | SQL Injection vulnerability in Sciencelogic SL1 A SQL injection vulnerability exists in the “admin brand portal” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. | 8.8 |
| 2023-08-09 | CVE-2022-48586 | SQL Injection vulnerability in Sciencelogic SL1 A SQL injection vulnerability exists in the “json walker” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. | 8.8 |
| 2023-08-09 | CVE-2022-48587 | SQL Injection vulnerability in Sciencelogic SL1 A SQL injection vulnerability exists in the “schedule editor” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. | 8.8 |
| 2023-08-09 | CVE-2022-48588 | SQL Injection vulnerability in Sciencelogic SL1 A SQL injection vulnerability exists in the “schedule editor decoupled” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. | 8.8 |
| 2023-08-09 | CVE-2022-48589 | SQL Injection vulnerability in Sciencelogic SL1 A SQL injection vulnerability exists in the “reporting job editor” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. | 8.8 |
| 2023-08-09 | CVE-2022-48590 | SQL Injection vulnerability in Sciencelogic SL1 A SQL injection vulnerability exists in the “admin dynamic app mib errors” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. | 8.8 |