Rukovoditel Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2020-11816 - Vulnerability Database

Rukovoditel Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2020-11816

Critical
Reference: CVE-2020-11816
Title: Rukovoditel Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the reports_id (POST) parameter.