An issue exists in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions up to and including 2.5.0. There is an unauthenticated SQL injection in DATA24, allowing malicious users to discover database and table names.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mbconnectline mymbconnect24 |
||
mbconnectline mbconnect24 |