4 matches found
CVE-2022-41671
A CWE-89: Improper Neutralization of Special Elements used in SQL Command ‘SQL Injection’ vulnerability exists that allows adversaries with local user privileges to craft a malicious SQL query and execute as part of project migration which could result in execution of malicious code. Affected...
CVE-2022-41671
creationtimestamp| type| source ---|---|--- 2022-11-04 17:46:05+00:00| seen| https://t.me/cibsecurity/52565 2025-05-01 19:14:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14372...
CVE-2022-41671
A CWE-89: Improper Neutralization of Special Elements used in SQL Command ‘SQL Injection’ vulnerability exists that allows adversaries with local user privileges to craft a malicious SQL query and execute as part of project migration which could result in execution of malicious code. Affected...
CVE-2022-41671
CVE-2022-41671 corresponds to an SQL Injection (CWE-89) in Schneider Electric EcoStruxure Operator Terminal Expert (V3.3 Hotfix 1 or prior) and Pro-face BLUE (V3.3 Hotfix 1 or prior). The vulnerability arises from improper neutralization of SQL commands, enabling local-privilege adversaries to cr...