SQL Injection Vulnerability in i-doit Pro Web Application by Synetics
CVE-2014-1597

Currently unrated

Key Information:

Vendor

I-doit

Status
I-doit
Vendor
CVE Published:
27 February 2014

What is CVE-2014-1597?

The i-doit Pro web application by Synetics is susceptible to SQL injection due to improper handling of the objID parameter. This vulnerability allows remote attackers to execute arbitrary SQL commands, potentially compromising the integrity and security of the underlying database. All versions prior to 1.2.5, along with i-doit Open, are affected, posing significant risks to organizations utilizing this software. It is crucial for users to apply necessary patches and validate inputs to mitigate these threats effectively.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/91269
vdb-entryx_refsource_XF
http://secunia.com/advisories/56931
third-party-advisoryx_refsource_SECUNIA
http://www.i-doit.com/en/company/news/single-news/?tx_ttn...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.