Blind SQL injection vulnerability in the Conacwin 3.7.1.2...
Moderate severity
Unreviewed
Published
Oct 4, 2023
to the GitHub Advisory Database
•
Updated Apr 4, 2024
Description
Published by the National Vulnerability Database
Oct 4, 2023
Published to the GitHub Advisory Database
Oct 4, 2023
Last updated
Apr 4, 2024
Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web interface, the exploitation of which could allow a local attacker to obtain sensitive data stored in the database by sending a specially crafted SQL query to the xml parameter.
References