Meba

Name of the Vulnerable Software and Affected Versions: SpeedTech Organization and Resource Manager (Storm) versions 5.x before 5.x-1.14 SpeedTech Organization and Resource Manager (Storm) versions 6.x before 6.x-1.18 Description: The issue allows remote authenticated users with storm project access to execute arbitrary SQL commands. This can be achieved via unspecified vectors. Recommendations: For SpeedTech Organization and Resource Manager (Storm) versions 5.x before 5.x-1.14, update to version 5.x-1.14 or later. For SpeedTech Organization and Resource Manager (Storm) versions 6.x before 6.x-1.18, update to version 6.x-1.18 or later.