Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MB connect line mbCONNECT24 vulnerable to an unauthenticated SQL injection in the getinfo endpoint
Vulnerability Description
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getinfo endpoint due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
MB Connect Line mbCONNECT24 SQL注入漏洞
Vulnerability Description
MB Connect Line mbCONNECT24是德国MB Connect Line公司的一套远程服务门户网站。该产品支持远程接入、数据记录和报警等功能。 MB connect line mbCONNECT24存在SQL注入漏洞,该漏洞源于SQL SELECT命令特殊元素中和不当,可能导致SQL注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A