CVE-2017-12729

Name of the Vulnerable Software and Affected Versions: Moxa SoftCMS Live Viewer versions 1.6 and earlier

Description: A SQL Injection issue has been discovered, allowing attackers to exploit an improper neutralization of special elements used in an SQL command. This enables access to SoftCMS without knowing the user's password.

Recommendations: For Moxa SoftCMS Live Viewer versions 1.6 and earlier, consider restricting access to the SQL database to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using user input in SQL commands to prevent injection attacks.