1. Forum
  2. FidoNet
  3. SECURITY

  • Intel Data Center Manager 4.1 SQL Injection

    From Security Bot@2:250/1 to All on Fri Mar 3 20:22:02 2023


    Intel Data Center Manager 4.1 SQL Injection

    Intel Data Center Manager's endpoint at /DcmConsole/DataAccessServlet?action=getRoomRackData is vulnerable to
    an authenticated, blind SQL injection attack when user-supplied input to
    the HTTP POST parameter dataName is processed by the web application.
    Versions 4.1 and below are affected.

    https://packetstormsecurity.com/files/170180/idcm41-sql.txt

    Fri, 09 Dec 2022 14:54:22 GMT
    ________________________________
    --- The information is for inforamtional purposes only.
    * Origin: Read us with http://winpoint.org JID: rs@captflint.com