|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-08-20 | |
| Rule Name: | Kingtowin HKMP Intelligent Business Software queryPrintTemplate SQL Injection Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Kingtowin HKMP Intelligent Business software is an intelligent management system. An SQL injection vulnerability exists in the queryPrintTemplate interface of Kingtowin HKMP intelligent business software, which can be exploited by an unauthenticated malicious attacker to obtain information from the database. | |
| Impact: | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |