Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. The impact is: Unauthenticated mysql database access. The component is: Web login form. The attack vector is: An attacker can exploit the vulnerability by sending a malicious HTTP POST request. The fixed version is: 1.12.1.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HI Doit
APPI-Doit≤ 1.12
Related vulnerabilities
i-doit pro 25 and below and I-doit open 25 and below are configured with insecure default administrator creden...
I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for Administrator accou...
i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbi...
i-doit CMDB 1.12 contains an arbitrary file download vulnerability that allows authenticated attackers to down...
SQL injection vulnerability in idoit pro version 28. This vulnerability could allow an attacker to send a spec...