A remote SQL injection vulnerability exists in FortiNet FortiClient EMS (Endpoint Management Server) versions 7.2.0 through 7.2.2 and 7.0.1 through 7.0.10. FortiClient EMS serves as an endpoint management solution tailored for enterprises, offering a centralized platform for overseeing enrolled endpoints. The SQL injection vulnerability is due to user controller strings which can be sent directly into database queries. FcmDaemon.exe is the main service responsible for communicating with enrolled clients. By default it listens on port 8013 and communicates with FCTDas.exe which is responsible for translating requests and sending them to the database. In the message header of a specific request sent between the two services, the FCTUID parameter is vulnerable to SQL injection. It can be used to enable the xp_cmdshell which can then be used to obtain unauthenticated remote code execution in the context of NT AUTHORITY\SYSTEM. Upgrading to either 7.2.3, 7.0.11 or above is recommended by FortiNet. It should be noted that in order to be vulnerable, at least one endpoint needs to be enrolled / managed by FortiClient EMS for the necessary vulnerable services to be available.
5dc08a7c993a962915dd2867b371b86d2696d585975c16dd1ce9c50691286b53LRMS PHP version 1.0 suffers from remote shell upload and multiple remote SQL injection vulnerabilities.
cd29b75f4fc26669967838b2cacc350651afd70ebc41fa183a818a2044008a19Centreon version 23.10-1.el8 suffers from a remote authenticated SQL injection vulnerability.
ccd137a9553629c65cb1fcc131008c98cf86b7038c922afa5586765db2092434Kruxton version 1.0 suffers from a remote SQL injection vulnerability.
9848e498414e8e0e14e12064a9a285c3bc570dd55bd67b2940d83dc1a77c56cdWBCE version 1.6.0 suffers from a remote SQL injection vulnerability.
18873adacfde1b4805b4a6b105109b6e4a03d0a85a9440207f1364a7e3ae897bAMPLE BILLS version 0.1 suffers from a remote SQL injection vulnerability.
d20b6ec27d1eeff141c08bd7cfa9127bb8953085c6f65df0d3f8a8e79abd9901Moodle version 3.10.1 suffers from a remote time-based SQL injection vulnerability.
e3ce711f4b8356d012259f34f7f227e8907a46d0f7af6bb3c35ce4c0de5a0e57Online Fire Reporting System version 1.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
9342b7d21282ed54ce4702c6cda7276732332887ecb951f160125d0470ad7553Stock Management System version 1.0 suffers from a remote SQL injection vulnerability.
ee8f6806eb002eeb79308e1f582300e6c9e5c6963aed8ff7b5b730994fc80298Joomla SP Page Builder component version 5.2.7 suffers from a remote SQL injection vulnerability.
c0a01ac21e54ef967a8efc4d6257dd13af0264821d06c9c02f3fc743f377f9f1Flightio.com suffers from a remote SQL injection vulnerability. The researchers reporting this claimed the site has not responded to their reports so we are posting this to add visibility to the issue.
287e946136487edac1a8bcbedb409990ac26461ab1f6840438934159773b37daDaily Expense Manager version 1.0 suffers from a remote SQL injection vulnerability.
3036d5c35514225ac7efd5fae884b642a5c6e16478440cce60456af20f3c8957Open Source Medicine Ordering System version 1.0 suffers from a remote SQL Injection vulnerability.
ddcd59d819ea5c59b6d5493517cad43c4bfefe50707cf9b222d8705aea3e670bInvision Community versions 4.4.0 through 4.7.15 suffer from a remote SQL injection vulnerability in store.php.
f3e99d07ab1ab0d469a1a39ceb456ac6dc86fdcbd9071ad8690ce38ecca5a7ffUP-RESULT version 0.1 2024 suffers from a remote SQL injection vulnerability.
4add65ea93ae55c77a16552103ce0483201e157f530ea8a0e1e38f32c5d69671DerbyNet 9.0 suffers from a remote SQL injection vulnerability in print/render/racer.inc.
c59f5b4f5d044eb7838a408a25e1ddb8966666ed55c708660903f015ccf7e1b5DerbyNet 9.0 suffers from a remote SQL injection vulnerability in print/render/award.inc.
635f60dcea426f833c149bf378a0e8ce1585c3548641f81eb1702cf39c8c50deDerbyNet 9.0 suffers from a remote SQL injection vulnerability in ajax/query.slide.next.inc.
4d58e0287f76d2e5689e86c7f6907829d0e768e9a60e0f2ac317c9153ee4e3b6Human Resource Management System 2024 version 1.0 suffers from a remote SQL injection vulnerability.
94d4f83975f87861e5de23afeddf375d89516755bb5f7b64deb215523821ad76User Registration and Login and User Management System version 3.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
d7b9220fd1f8abc396db42df756fbc5a76abf3925bf5357e6721975e8781e9cbComputer Laboratory Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.
1d0c177652350dd1598803c48c5741b17359e328ac93e414c5c3edf51473fc06Ubuntu Security Notice 6720-1 - Kentaro Kawane discovered that Cacti incorrectly handled user provided input sent through request parameters to the graph_view.php script. A remote authenticated attacker could use this issue to perform SQL injection attacks.
72a1060cc659927cdff0d3fabd91138203688e06b807e728473d37ed3e99a9d3Daily Habit Tracker version 1.0 suffers from a remote SQL injection vulnerability.
cd7b10f9c3d3198234448508b8bd3971e255165331cb45675cc34ec55a085e1cEmployee Management System version 1.0 suffers from additional remote SQL injection vulnerabilities. Original discovery of this finding is attributed to Ozlem Balci in January of 2024.
0c0393923d3df1c0633d25e433d1f3d236c329b41f5056207cc820b47be87eaeOpenCart Core version 4.0.2.3 suffers from a remote SQL injection vulnerability.
4e62c24dfb4857453f8503bda030c60fd230c642a59bc3d770a2f4bd0cab12e2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed