Ipswitch : Security Vulnerabilities, CVEs, Published In 2016 (Sql injection)
Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection
Max CVSS
8.8
EPSS Score
0.05%
Published
2016-10-06
Updated
2017-11-03
The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold before 16.4 does not properly validate serialized XML objects, which allows remote attackers to conduct SQL injection attacks via a crafted SOAP request.
Max CVSS
9.8
EPSS Score
0.08%
Published
2016-01-08
Updated
2017-09-10
2 vulnerabilities found