CVE-2024-6699

July 30, 2024, 1:32 p.m.

Product(s) Impacted

Mikafon MA7

  • v3.0 before v3.1

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mikafon Electronic Inc. Mikafon MA7 allows SQL Injection.This issue affects Mikafon MA7: from v3.0 before v3.1.

Weaknesses

CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

CWE ID: 89

Date

Published: July 30, 2024, 1:15 p.m.

Last Modified: July 30, 2024, 1:32 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

iletisim@usom.gov.tr

References