The vulnerability exists within processing of track_import_export.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the object_id input parameter.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: schneider

Published: 2018-07-03T14:00:00Z

Updated: 2024-09-17T00:22:00.831Z

Reserved: 2018-03-08T00:00:00

Link: CVE-2018-7765

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-07-03T14:29:00.617

Modified: 2019-05-14T20:29:02.217

Link: CVE-2018-7765

cve-icon Redhat

No data.