VYPR
High severity7.5NVD Advisory· Published Oct 9, 2019· Updated Jun 17, 2026

CVE-2019-17128

CVE-2019-17128

Description

Netreo OmniCenter through 12.1.1 allows unauthenticated SQL Injection (Boolean Based Blind) in the redirect parameters and parameter name of the login page through a GET request. The injection allows an attacker to read sensitive information from the database used by the application.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Netreo/OmniCenterdescription
  • Netref/Netrefllm-fuzzy
    Range: <=12.1.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.