Sql injection

2021-07-2115:15:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.6%

JSON

SQL injection in Logon Page in MV’s mConnect application, v02.001.00, allows an attacker to use a non existing user with a generic password to connect to the application and get access to unauthorized information.

CPENameOperatorVersion
mconnecteq02.001.00
mconnecteq2013.1.6.8

CPE	Name	Operator	Version
	mconnect	eq	02.001.00
	mconnect	eq	2013.1.6.8

References

github.com/ifmacedo/mconnect/blob/main/SQLinjection

www.linkedin.com/pulse/mconnect-mv-sql-injection-parcial-iran/