|
|
|||
| Rule General Information |
|---|
| Release Date: | 2022-07-31 | |
| Rule Name: | ZenTaoPMS 16.5 SQL Injection | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | ZenTaoPMS is a set of project management software developed by Nature Easy Soft Network Technology Company in order to solve the chaos and disorder in the management process of many enterprises. ZenTaoPMS 16.5 does not filter and verify the input account parameter content, resulting in the attacker splicing malicious SQL statement execution. | |
| Impact: | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |