DojoSecurity

1 exploit Active since Jul 2023
CVE-2023-39122 WRITEUP CRITICAL WORKING POC
BMC Control-M <9.0.20.200 - SQL Injection
BMC Control-M through 9.0.20.200 allows SQL injection via the /RF-Server/report/deleteReport report-id parameter. This is fixed in 9.0.21 (and is also fixed by a patch for 9.0.20.200).
CVSS 9.8