Description
Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the order_by parameter at /rukovoditel/index.php?module=logs/view&type=php.
Remediation
References
Related Vulnerabilities
Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-29445)
WordPress Plugin Google AdSense by BestWebSoft Cross-Site Scripting (1.43)
WordPress Plugin User Login History Multiple Cross-Site Scripting Vulnerabilities (1.5.2)
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3045)
Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-44759)