提交 #483344: esafenet CDG V5 SQL Injection信息

标题esafenet CDG V5 SQL Injection
描述A vulnerability classified as critical has been discovered in esafenet's CDG v5 product. The flowId parameter in the sdDoneDetail.jsp interface is not properly validated and sanitized, leading to a SQL injection vulnerability. An attacker can craft a malicious flowId parameter to execute arbitrary SQL queries, potentially accessing or modifying sensitive information in the database.
来源⚠️ https://github.com/Rain1er/report/blob/main/CDG/sdDoneDetail.md
用户
 raindrop (UID 80297)
提交2025-01-16 10時25分 (1 年前)
管理2025-01-28 15時34分 (12 days later)
状态已接受
VulDB条目293915 [ESAFENET CDG V5 /sdDoneDetail.jsp flowId SQL注入]
积分19

上一步一览下一步

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!