CVE-2020-15886
packagist/munkireport/reportdata
SQL Injection
An SQL injection vulnerability in reportdata_controller.php
in the reportdata module for MunkiReport allows attackers to execute arbitrary SQL commands via the req
parameter of the /module/reportdata/ip
endpoint.
All versions before 3.5
Upgrade to version 3.5 or above.
2020-07-29
source |