Unrated severityNVD Advisory· Published Dec 28, 2018· Updated Aug 5, 2024
CVE-2018-1000630
CVE-2018-1000630
Description
Battelle V2I Hub 2.5.1 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to /api/PluginStatusActions.php and /status/pluginStatus.php using the jtSorting or id parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.
Affected products
2= 2.5.1+ 1 more
- (no CPE)range: = 2.5.1
- (no CPE)range: 2.5.1
Patches
Vulnerability mechanics
References
1- exchange.xforce.ibmcloud.com/vulnerabilities/147307mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.