SQL injection vulnerability exists in the CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may execute an arbitrary SQL command via specially crafted input to the query setting page.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jpcert
Published: 2023-06-01T00:00:00
Updated: 2024-08-02T14:00:15.588Z
Reserved: 2023-05-11T00:00:00
Link: CVE-2023-29154
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-06-01T02:15:09.760
Modified: 2023-06-08T01:53:05.697
Link: CVE-2023-29154
Redhat
No data.