Submit #483344: esafenet CDG V5 SQL Injectioninfo

Titleesafenet CDG V5 SQL Injection
DescriptionA vulnerability classified as critical has been discovered in esafenet's CDG v5 product. The flowId parameter in the sdDoneDetail.jsp interface is not properly validated and sanitized, leading to a SQL injection vulnerability. An attacker can craft a malicious flowId parameter to execute arbitrary SQL queries, potentially accessing or modifying sensitive information in the database.
Source⚠️ https://github.com/Rain1er/report/blob/main/CDG/sdDoneDetail.md
User
 raindrop (UID 80297)
Submission01/16/2025 10:25 AM (1 Year ago)
Moderation01/28/2025 03:34 PM (12 days later)
StatusAccepted
VulDB entry293915 [ESAFENET CDG V5 /sdDoneDetail.jsp flowId sql injection]
Points19

PreviousOverviewNext

Want to stay up to date on a daily basis?

Enable the mail alert feature now!