Full title: Intel Data Center Manager 4.1 SQL Injection Vulnerability 
Category: web applications
Platform: multiple
Intel Data Center Manager's endpoint at "/DcmConsole/DataAccessServlet?action=getRoomRackData" is vulnerable to an authenticated, blind SQL injection attack when user-supplied input to the HTTP POST parameter "dataName" is processed by the web application. Versions 4.1 and below are affected.

# 0day.today @ http://0day.today/