SQL injection vulnerability exists in the CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may execute an arbitrary SQL command via specially crafted input to the query setting page.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HContec Conprosys Hmi System
APPContec< 3.5.3
Powiązane podatności
CONPROSYS HMI System (CHS) Ver.3.4.4?and earlier allows a remote unauthenticated attacker to execute an arbitr...
Plaintext storage of a password exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. Because account ...
Improper access control vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user of ...
Incorrect permission assignment for critical resource exists in CONPROSYS HMI System (CHS) versions prior to 3...
Use of default credentials vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote u...