cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-4088,https://securityvulnerability.io/vulnerability/CVE-2021-4088,Blind SQL injection in DLP ePO extension,"SQL injection vulnerability in Data Loss Protection (DLP) ePO extension 11.8.x prior to 11.8.100, 11.7.x prior to 11.7.101, and 11.6.401 allows a remote authenticated attacker to inject unfiltered SQL into the DLP part of the ePO database. This could lead to remote code execution on the ePO server with privilege escalation.","Mcafee,llc",Mcafee Data Loss Prevention (dlp) Epo Extension,8.4,HIGH,0.0008200000156648457,false,,false,false,false,,,false,false,,2022-01-24T16:00:14.000Z,0
CVE-2021-31848,https://securityvulnerability.io/vulnerability/CVE-2021-31848,Data Loss Prevention (DLP) ePO extension - Cross site scripting (XSS),Cross site scripting (XSS) vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker to highjack an active DLP ePO administrator session by convincing the logged in administrator to click on a carefully crafted link in the case management part of the DLP ePO extension.,Mcafee,Data Loss Prevention (dlp) Epo Extension,8.4,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2021-11-01T19:25:19.000Z,0
CVE-2021-31849,https://securityvulnerability.io/vulnerability/CVE-2021-31849,Data Loss Prevention (DLP) ePO extension - SQL injection,SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker logged into ePO as an administrator to inject arbitrary SQL into the ePO database through the user management section of the DLP ePO extension.,Mcafee,Data Loss Prevention (dlp) Epo Extension,8.4,HIGH,0.0008299999753944576,false,,false,false,false,,,false,false,,2021-11-01T19:25:13.000Z,0