Arbitrary SQL Command Execution in Dialogic PowerMedia XMS Administrative Console
CVE-2018-11643 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
SQL injection vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to execute arbitrary SQL commands via the filterPattern parameter.
Learn more about our User Device Pen Test.