Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management (aka pdm) v.14.0, v.15.0 and v.16.0 fixed in pdm-14.0.1.0.0, pdm-15.0.1.0.0, and pdm-16.0.1.0.0 allows a remote authenticated attacker to execute arbitrary code via the select parameter in models/base_client.py component.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Didotech srl Engineering & Lifecycle Management SQL注入漏洞
Vulnerability Description
Didotech srl Engineering & Lifecycle Management是Didotech srl公司的一套开源商业应用程序。 Didotech srl Engineering & Lifecycle Management (aka pdm) 14.0.1.0.0之前、15.0.1.0.0之前和16.0.1.0之前版本存在安全漏洞,该漏洞源于允许经过身份验证的远程攻击者通过 models/base_client.py 组件中的 select 参数执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A