The SOURCE Boston CFP is open through March 9th
SOURCE Conference brings security experts and business professionals
together in an intimate and personal environment to discuss the security
industry’s most important issues, technologies, and business trends. SOURCE
places the technical excellence
##
# _ ___ _ _ _ _
# | | / _ \| \ | |/ ___|/ ___| / \|_ _|
# | | | | | | \| | | _| | / _ \ | |
# | |__| |_| | |\ | |_| | |___ / ___ \| |
# |_\___/|_| \_|\|\/_/ \_\_|
#
# PH
I found a couple SQL injection vulnerabilities in the core Orion service
used in most of the Solarwinds products (SAM, IPAM, NPM, NCM, etc…). This
service provides a consistent configuration and authentication layer across
the products.
To be exact, the vulnerable applications and versions are:
N
