Description
A SQL Injection has been found on SCAN_VISIO eDocument Suite Web Viewer of Abast. This vulnerability allows an unauthenticated user to retrieve, update and delete all the information of database. This vulnerability was found on login page via "user" parameter.
No analysis available yet.
Remediation
Vendor Solution
Vulnerability has been fixed in later versions.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2024-26730 | A SQL Injection has been found on SCAN_VISIO eDocument Suite Web Viewer of Abast. This vulnerability allows an unauthenticated user to retrieve, update and delete all the information of database. This vulnerability was found on login page via "user" parameter. |
References
History
No history.
Subscriptions
No data.
Status: PUBLISHED
Assigner: INCIBE
Published:
Updated: 2024-08-06T14:56:52.651Z
Reserved: 2024-03-19T07:42:30.141Z
Link: CVE-2024-29732
Updated: 2024-08-02T01:10:55.524Z
Status : Deferred
Published: 2024-03-21T11:15:28.390
Modified: 2026-06-17T07:22:58.337
Link: CVE-2024-29732
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
EUVD