An issue exists in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 up to and including 2.6.1. There is a blind SQL injection in the knximport component via an advanced attack vector, allowing logged in malicious users to discover arbitrary information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mbconnectline mbconnect24 |
||
mbconnectline mymbconnect24 |