Arbitrary Code Execution Via ID Parameter of Data.jsp Page
CVE-2024-42885
Currently unrated
Key Information:
- Vendor
- ESAFENET
- Vendor
- CVE Published:
- 5 September 2024
Summary
SQL Injection vulnerability in ESAFENET CDG 5.6 and before allows an attacker to execute arbitrary code via the id parameter of the data.jsp page.
References
Timeline
Vulnerability published