Arbitrary Code Execution Via ID Parameter of Data.jsp Page

CVE-2024-42885
Currently unrated 🤨

Key Information

Vendor
ESAFENET
Vendor
CVE Published:
5 September 2024

Summary

SQL Injection vulnerability in ESAFENET CDG 5.6 and before allows an attacker to execute arbitrary code via the id parameter of the data.jsp page.

Timeline

  • Vulnerability published.

Collectors

NVD Database
.