Grupo Embras · Geosiap Erp · CVE-2023-50589
**Name of the Vulnerable Software and Affected Versions**
Grupo Embras GEOSIAP ERP version 2.2.167.02
**Description**
The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the `codLogin` parameter on the login page.
**Recommendations**
For version 2.2.167.02, consider restricting access to the login page or disabling the `codLogin` parameter until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.