Arbitrary Code Execution Via ID Parameter of Data.jsp Page
CVE-2024-42885

Currently unrated

Key Information:

Vendor
ESAFENET
Vendor
CVE Published:
5 September 2024

Summary

SQL Injection vulnerability in ESAFENET CDG 5.6 and before allows an attacker to execute arbitrary code via the id parameter of the data.jsp page.

References

Timeline

  • Vulnerability published

.