Submeter #483344: esafenet CDG V5 SQL Injectioninformação

Títuloesafenet CDG V5 SQL Injection
DescriçãoA vulnerability classified as critical has been discovered in esafenet's CDG v5 product. The flowId parameter in the sdDoneDetail.jsp interface is not properly validated and sanitized, leading to a SQL injection vulnerability. An attacker can craft a malicious flowId parameter to execute arbitrary SQL queries, potentially accessing or modifying sensitive information in the database.
Fonte⚠️ https://github.com/Rain1er/report/blob/main/CDG/sdDoneDetail.md
Utilizador
 raindrop (UID 80297)
Submissão16/01/2025 10h25 (há 1 Ano)
Moderação28/01/2025 15h34 (12 days later)
EstadoAceite
Entrada VulDB293915 [ESAFENET CDG V5 /sdDoneDetail.jsp flowId Injeção SQL]
Pontos19

VoltarVisão GeralPróximo

Interested in the pricing of exploits?

See the underground prices here!