Alberto Gasulla

**Name of the Vulnerable Software and Affected Versions** Gescen (affected versions not specified) **Description** The issue allows an attacker to send a specially crafted SQL query to the `pass` parameter and retrieve all the data stored in the database. This is a SQL injection vulnerability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SCAN VISIO eDocument Suite Web Viewer of Abast (affected versions not specified) **Description** A SQL Injection issue has been discovered, allowing an unauthenticated user to retrieve, update, and delete all database information. This issue was found on the login page via the `user` parameter. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.