An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Multiple SQL injection vulnerabilities are present in the legacy .ASP pages, which could allow attackers to execute arbitrary SQL commands via unspecified vectors.
References
Link | Resource |
---|---|
https://docs.ipswitch.com/NM/WhatsUpGold2017Plus/01_ReleaseNotes/17PlusSP1/#link4 | Release Notes Vendor Advisory |
https://docs.ipswitch.com/NM/WhatsUpGold2017Plus/01_ReleaseNotes/17PlusSP1/#link4 | Release Notes Vendor Advisory |
Configurations
History
21 Nov 2024, 04:09
Type | Values Removed | Values Added |
---|---|---|
References | () https://docs.ipswitch.com/NM/WhatsUpGold2017Plus/01_ReleaseNotes/17PlusSP1/#link4 - Release Notes, Vendor Advisory |
27 Aug 2024, 17:48
Type | Values Removed | Values Added |
---|---|---|
First Time |
Progress
Progress whatsup Gold |
|
CPE | cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:* |
Information
Published : 2018-01-24 15:29
Updated : 2024-11-21 04:09
NVD link : CVE-2018-5778
Mitre link : CVE-2018-5778
CVE.ORG link : CVE-2018-5778
JSON object : View
Products Affected
progress
- whatsup_gold
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')