Описание
Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter.
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-89
https://bugzilla.redhat.com/show_bug.cgi?id=1013076Foreman: host and host group parameter SQL injection
EPSS
Процентиль: 57%
0.00354
Низкий
4.3 Medium
CVSS2
Связанные уязвимости
nvd
больше 11 лет назад
Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter.
debian
больше 11 лет назад
Multiple SQL injection vulnerabilities in app/models/concerns/host_com ...
github
больше 3 лет назад
Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter.
EPSS
Процентиль: 57%
0.00354
Низкий
4.3 Medium
CVSS2