Vendor
high
advisory
AiOPMSD Final 1.0.0 SQL Injection Vulnerability (CVE-2018-25420)
2 rules 1 TTP 1 CVEAiOPMSD Final 1.0.0 is vulnerable to SQL injection via the 'id' parameter in the watch.php script, allowing unauthenticated attackers to send crafted GET requests with SQL payloads to extract sensitive database information.
AiOPMSD Final
sql-injection
cve
network
2r
1t
1c
high
advisory
CVE-2018-25416 - AiOPMSD Final 1.0.0 Unauthenticated SQL Injection
2 rules 1 TTP 1 CVEAiOPMSD Final 1.0.0 is vulnerable to SQL injection, allowing unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the country parameter via GET requests to country.php, enabling extraction of sensitive database information including usernames, database names, and version details.
AiOPMSD Final
sql-injection
cve-2018-25416
web-application
2r
1t
1c