PT-2019-18114 · Risi · Risi Gestao De Horarios

João Neves

Published

2019-03-21

Updated

2019-03-25

CVE-2019-6491

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions RISI Gestao de Horarios version 3201.09.08 rev.23

Description The issue allows SQL Injection, which can potentially be exploited to extract or modify sensitive data.

Recommendations For version 3201.09.08 rev.23, update to a newer version that contains a fix for this issue, if available. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2019-6491

Affected Products

Risi Gestao De Horarios

PT-2019-18114 · Risi · Risi Gestao De Horarios

CVE-2019-6491

Weakness Enumeration

Related Identifiers

Affected Products

References · 3