Security Advisory

CVE-2019-25581

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-21 15:30:39

Last updated 2026-03-23 19:55:52

Assigner VulnCheck

State PUBLISHED

Description

i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the objGroupID parameter. Attackers can send GET requests with crafted SQL payloads in the objGroupID parameter to extract sensitive database information including usernames, database names, and version details.

← Browse all CVEs View on cve.org ↗