2022-03-07 20:58:08
mitre
PUBLISHED
The login.jsp page of Quicklert for Digium 10.0.0 (1043) is affected by both Blind SQL Injection with Out-of-Band Interaction (DNS) and Blind Time-Based SQL Injections. Exploitation can be used to disclose all data within the database (up to and including the administrative accounts login IDs and passwords) via the login.jsp uname parameter.