| Title | ESAFENET ESAFENET CDG V5 SQL Injection |
|---|
| Description | There is an injection vulnerability in the id parameter of the Catelogs interface.
This vulnerability allows attackers to manipulate the application’s database through specially crafted SQL query strings. Due to insufficient verification of user input, attackers can insert malicious SQL code into input fields, thereby bypassing authentication, accessing or modifying sensitive data in the database, and even performing database management operations |
|---|
| Source | ⚠️ https://flowus.cn/share/38f64855-27ec-4170-ac78-f29ca595901e?code=G8A6P3 |
|---|
| User | 0menc (UID 75423) |
|---|
| Submission | 09/27/2024 04:08 (2 years ago) |
|---|
| Moderation | 10/06/2024 12:03 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 279368 [ESAFENET CDG V5 Catelogs;logindojojs?command=DelCatelogs delCatelogs ID sql injection] |
|---|
| Points | 20 |
|---|