threat
engine
.sh
Back
·
··:··
Home
/
Product
/
sciencelogic sl1
Product
sciencelogic sl1
26 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2024-9537
>= 10.1.0 and < 12.1.3
ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component package
9.8
CRITICAL
CVE-2022-48604
<= 11.1.2
A SQL injection vulnerability exists in the “logging export” feature of the ScienceLogic SL1 that takes unsanitized user‐con
8.8
HIGH
CVE-2022-48603
<= 11.1.2
A SQL injection vulnerability exists in the “message viewer iframe” feature of the ScienceLogic SL1 that takes unsanitized use
8.8
HIGH
CVE-2022-48602
<= 11.1.2
A SQL injection vulnerability exists in the “message viewer print” feature of the ScienceLogic SL1 that takes unsanitized user
8.8
HIGH
CVE-2022-48601
<= 11.1.2
A SQL injection vulnerability exists in the “network print report” feature of the ScienceLogic SL1 that takes unsanitized user
8.8
HIGH
CVE-2022-48600
<= 11.1.2
A SQL injection vulnerability exists in the “notes view” feature of the ScienceLogic SL1 that takes unsanitized user‐control
8.8
HIGH
CVE-2022-48599
<= 11.1.2
A SQL injection vulnerability exists in the “reporter events type” feature of the ScienceLogic SL1 that takes unsanitized user
8.8
HIGH
CVE-2022-48598
<= 11.1.2
A SQL injection vulnerability exists in the “reporter events type date” feature of the ScienceLogic SL1 that takes unsanitized
8.8
HIGH
CVE-2022-48597
<= 11.1.2
A SQL injection vulnerability exists in the “ticket event report” feature of the ScienceLogic SL1 that takes unsanitized user
8.8
HIGH
CVE-2022-48596
<= 11.1.2
A SQL injection vulnerability exists in the “ticket queue watchers” feature of the ScienceLogic SL1 that takes unsanitized use
8.8
HIGH
CVE-2022-48595
<= 11.1.2
A SQL injection vulnerability exists in the “ticket template watchers” feature of the ScienceLogic SL1 that takes unsanitized
8.8
HIGH
CVE-2022-48594
<= 11.1.2
A SQL injection vulnerability exists in the “ticket watchers email” feature of the ScienceLogic SL1 that takes unsanitized use
8.8
HIGH
CVE-2022-48593
<= 11.1.2
A SQL injection vulnerability exists in the “topology data service” feature of the ScienceLogic SL1 that takes unsanitized use
8.8
HIGH
CVE-2022-48592
<= 11.1.2
A SQL injection vulnerability exists in the vendor_country parameter of the “vendor print report” feature of the ScienceLogic
8.8
HIGH
CVE-2022-48591
<= 11.1.2
A SQL injection vulnerability exists in the vendor_state parameter of the “vendor print report” feature of the ScienceLogic SL
8.8
HIGH
CVE-2022-48590
<= 11.1.2
A SQL injection vulnerability exists in the “admin dynamic app mib errors” feature of the ScienceLogic SL1 that takes unsaniti
8.8
HIGH
CVE-2022-48589
<= 11.1.2
A SQL injection vulnerability exists in the “reporting job editor” feature of the ScienceLogic SL1 that takes unsanitized user
8.8
HIGH
CVE-2022-48588
<= 11.1.2
A SQL injection vulnerability exists in the “schedule editor decoupled” feature of the ScienceLogic SL1 that takes unsanitized
8.8
HIGH
CVE-2022-48587
<= 11.1.2
A SQL injection vulnerability exists in the “schedule editor” feature of the ScienceLogic SL1 that takes unsanitized user‐co
8.8
HIGH
CVE-2022-48586
<= 11.1.2
A SQL injection vulnerability exists in the “json walker” feature of the ScienceLogic SL1 that takes unsanitized user‐contro
8.8
HIGH
CVE-2022-48585
<= 11.1.2
A SQL injection vulnerability exists in the “admin brand portal” feature of the ScienceLogic SL1 that takes unsanitized user
8.8
HIGH
CVE-2022-48584
<= 11.1.2
A command injection vulnerability exists in the download and convert report feature of the ScienceLogic SL1 that takes unsanitized
8.8
HIGH
CVE-2022-48583
<= 11.1.2
A command injection vulnerability exists in the dashboard scheduler feature of the ScienceLogic SL1 that takes unsanitized user‐
8.8
HIGH
CVE-2022-48582
<= 11.1.2
A command injection vulnerability exists in the ticket report generate feature of the ScienceLogic SL1 that takes unsanitized user
8.8
HIGH
CVE-2022-48581
<= 11.1.2
A command injection vulnerability exists in the “dash export” feature of the ScienceLogic SL1 that takes unsanitized user cont
8.8
HIGH
CVE-2022-48580
<= 11.1.2
A command injection vulnerability exists in the ARP ping device tool feature of the ScienceLogic SL1 that takes unsanitized user c
8.8
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin