PT-2023-31084 · Magic Logix · Magic Logix Msync

Mika

Publicado

2023-12-20

Atualizado

2023-12-27

CVE-2023-49166

CVSS v3.1

9.1

Crítica

Vetor

AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Magic Logix MSync versions 1.0.0 and earlier

Description The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as a SQL Injection vulnerability. This vulnerability affects Magic Logix MSync, allowing potential exploitation.

Recommendations For Magic Logix MSync versions 1.0.0 and earlier, update to a version that includes a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2023-49166

Produtos afetados

Magic Logix Msync

PT-2023-31084 · Magic Logix · Magic Logix Msync

CVE-2023-49166

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6