Multiple SQL injection vulnerabilities in Foreman prior to 1.0.2 allow remote malicious users to execute arbitrary SQL commands via unspecified parameters to (1) app/models/hostext/search.rb or (2) app/models/puppetclass.rb, related to the search mechanism.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
theforeman foreman 0.2 |
||
theforeman foreman 0.4.1 |
||
theforeman foreman 0.3 |
||
theforeman foreman |
||
theforeman foreman 0.1 |
||
theforeman foreman 0.4 |