CVE-2023-1547

Name of the Vulnerable Software and Affected Versions Elra Parkmatik versions prior to 02.01-a51

Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection through SOAP parameter tampering and command line execution through SQL Injection.

Recommendations For versions prior to 02.01-a51, update to a version 02.01-a51 or later to resolve the issue. As a temporary workaround, consider restricting access to SOAP parameters to minimize the risk of exploitation. Avoid using vulnerable SOAP endpoints until the issue is resolved.