mirror of
https://github.com/0xMarcio/cve.git
synced 2026-06-01 19:21:35 +02:00
marc
760 B
760 B
CVE-2020-28860
Description
OpenAssetDigital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input, incorporating it into its SQL queries, allowing for authenticated blind SQL injection.
POC
Reference
- http://packetstormsecurity.com/files/160459/OpenAsset-Digital-Asset-Management-SQL-Injection.html
- http://seclists.org/fulldisclosure/2020/Dec/21
Github
No PoCs found on GitHub currently.