CVE-2019-15016

  • Published Date: Wed 09 Oct 2019
  • Last Modified Date: Fri 11 Oct 2019

An SQL injection vulnerability exists in the management interface of Zingbox Inspector versions 1.288 and earlier, that allows for unsanitized data provided by an authenticated user to be passed from the web UI into the database.

Impact

Severity: MEDIUM
Exploitability Score: 8.0
Impact Score: 6.4
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): SINGLE
Availability (A): PARTIAL

References (Advisories, Solutions, and Tools):



Note: This page is generated by our securitybot and has not been checked for errors. Feed Source: NVD