The vulnerability exists within processing of track_import_export.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the object_id input parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: schneider
Published: 2018-07-03T14:00:00Z
Updated: 2024-09-17T00:22:00.831Z
Reserved: 2018-03-08T00:00:00
Link: CVE-2018-7765
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-07-03T14:29:00.617
Modified: 2019-05-14T20:29:02.217
Link: CVE-2018-7765
Redhat
No data.