Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web interface, the exploitation of which could allow a local malicious user to obtain sensitive data stored in the database by sending a specially crafted SQL query to the xml parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
setelsa-security conacwin 3.7.1.2 |