CVE-2023-5046

Name of the Vulnerable Software and Affected Versions Biltay Technology Procost versions prior to 1390

Description The issue is related to an SQL Injection vulnerability, allowing for improper neutralization of special elements used in an SQL command. This can lead to SQL Injection and Command Line Execution through SQL Injection.

Recommendations For versions prior to 1390, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting access to sensitive SQL commands and validating user input to minimize the risk of exploitation.