Submit #483344: esafenet CDG V5 SQL Injectioninfo

Titleesafenet CDG V5 SQL Injection
DescriptionA vulnerability classified as critical has been discovered in esafenet's CDG v5 product. The flowId parameter in the sdDoneDetail.jsp interface is not properly validated and sanitized, leading to a SQL injection vulnerability. An attacker can craft a malicious flowId parameter to execute arbitrary SQL queries, potentially accessing or modifying sensitive information in the database.
Source⚠️ https://github.com/Rain1er/report/blob/main/CDG/sdDoneDetail.md
User
 raindrop (UID 80297)
Submission01/16/2025 10:25 (1 Year ago)
Moderation01/28/2025 15:34 (12 days later)
StatusAccepted
VulDB entry293915 [ESAFENET CDG V5 /sdDoneDetail.jsp flowId sql injection]
Points19

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!