Prophecyinternational: >> Snare Central Security Vulnerabilities
A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter.
CVSS Score
7.2
EPSS Score
0.006
Published
2019-08-29
An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter.
CVSS Score
7.2
EPSS Score
0.039
Published
2019-08-29