The vulnerability exists within processing of loadtemplate.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the tpl input parameter.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: schneider

Published: 2018-07-03T14:00:00Z

Updated: 2024-09-16T23:01:59.416Z

Reserved: 2018-03-08T00:00:00

Link: CVE-2018-7768

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2018-07-03T14:29:00.757

Modified: 2018-08-21T17:00:57.510

Link: CVE-2018-7768

cve-icon Redhat

No data.