CVE-2018-12295

Publication date

2019-05-13 12:31:26

Family

mitre

State

PUBLISHED

Description

SQL injection in folderViewSpecific.psp in Seagate NAS OS version 4.3.15.1 allows attackers to execute arbitrary SQL commands via the dirId URL parameter.