PT-2025-37993 · E1 Informatics · E1 Informatics Web Application

Hüseyin Üzüm

Publicado

2025-09-16

Atualizado

2025-09-16

CVE-2024-13174

CVSS v3.1

8.6

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

Name of the Vulnerable Software and Affected Versions E1 Informatics Web Application versions through 20250916

Description The E1 Informatics Web Application contains a SQL Injection issue due to improper neutralization of special elements used in an SQL command. This allows attackers to perform malicious SQL commands. The vendor has not yet completed the fixing process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2024-13174

Produtos afetados

E1 Informatics Web Application

PT-2025-37993 · E1 Informatics · E1 Informatics Web Application

CVE-2024-13174

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6