|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-07-02 | |
| Rule Name: | Esafenet CDG NavigationAjax SQL Injection Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Esafenet CDG is a professional information security solution designed to protect enterprise electronic documents from unauthorized access, leakage or tampering, and ensure data security and integrity. There is a SQL injection vulnerability in the NavigationAjax of Esafenet CDG. An attacker can use this vulnerability to send malicious SQL code to the database, which may lead to data disclosure, data damage, service interruption and even complete control of the database server. | |
| Impact: | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |