CVE-2020-7356 – CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via …

6 August 2020

Vuln ID: CVE-2020-7356

Published: 2020-08-06 16:15:13Z

Description: CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter ‘wayfinder_seqid’ in wayfinder_meeting_input.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code and execute SYSTEM commands.

Source: NVD.NIST.GOV

Date:

6 August 2020

Categorie(s):

NVD

Tag(s):

NVD

#RSAC: 70% of Businesses Prioritize Innovation Over Security in Generative AI Projects6 May 2024
Anomali introduces AI-powered Security Operations Platform6 May 2024
AWS achieves Spain’s ENS High 311/2022 certification across 172 services6 May 2024
Indonesia Emerging As A Hub For Highly Invasive Spyware6 May 2024
Cranium launches exposure management solution to safeguard AI systems6 May 2024