Soumettre #483344: esafenet CDG V5 SQL Injectioninformation

Titreesafenet CDG V5 SQL Injection
DescriptionA vulnerability classified as critical has been discovered in esafenet's CDG v5 product. The flowId parameter in the sdDoneDetail.jsp interface is not properly validated and sanitized, leading to a SQL injection vulnerability. An attacker can craft a malicious flowId parameter to execute arbitrary SQL queries, potentially accessing or modifying sensitive information in the database.
La source⚠️ https://github.com/Rain1er/report/blob/main/CDG/sdDoneDetail.md
Utilisateur
 raindrop (UID 80297)
Soumission16/01/2025 10:25 (il y a 1 Année)
Modérer28/01/2025 15:34 (12 days later)
StatutAccepté
Entrée VulDB293915 [ESAFENET CDG V5 /sdDoneDetail.jsp flowId injection SQL]
Points19

PrécédentAperçuSuivant

Interested in the pricing of exploits?

See the underground prices here!