|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-08-20 | |
| Rule Name: | Cailsoft Enterprise Management System GetImportDetailJson SQL Injection Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Cailsoft Enterprise Management System is a software system that provides a total management solution for enterprises. An SQL injection vulnerability exists in the GetImportDetailJson interface of Cailsoft Enterprise management system, which can be exploited by an unauthenticated malicious attacker to obtain information in the database. | |
| Impact: | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |