SQL Injection Vulnerability in LoginServlet Page in SolarWinds Storage Manager, Storage Profiler, and Backup Profiler before 5.1.2

SQL Injection Vulnerability in LoginServlet Page in SolarWinds Storage Manager, Storage Profiler, and Backup Profiler before 5.1.2

CVE-2012-2576 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field.

Learn more about our Web Application Penetration Testing UK.