| 제목 | Engeman Engeman Web <= 12.0.0.1 SQL Injection |
|---|
| 설명 | A vulnerability that allows manipulation of the SQL query made during the password recovery page load was found in the Engeman Web software. This vulnerability can be exploited by visitors without access to any valid credentials, that is, in an unauthenticated manner, to compromise the confidentiality and integrity of the data stored in the application's database, as well as potentially cause denial of service at the component level by altering values in critical tables. |
|---|
| 원천 | ⚠️ https://docs.google.com/document/d/1fbe1o3ncvmYbw-w1MKMUJg7z-qu1Wyo81y9isFlNyi0/edit?usp=sharing |
|---|
| 사용자 | m3m0o (UID 87980) |
|---|
| 제출 | 2025. 07. 16. AM 05:29 (11 개월 ago) |
|---|
| 모더레이션 | 2025. 07. 26. AM 10:58 (10 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 317808 [Engeman Web 까지 12.0.0.2 Password Recovery Page /Login/RecoveryPass LanguageCombobox SQL 주입] |
|---|
| 포인트들 | 20 |
|---|