TripSpark VEO SQL注入漏洞

TripSpark VEO is a software solution from TripSpark, Inc. designed for the traffic and transportation sector to manage and optimize the operations of vehicles, equipment, and personnel. A security vulnerability exists in the TripSpark VEO Transportation NovusEDU-2.2.x-XPBB-20201123-184084 version...

PT-2023-12172 · Tripspark · Tripspark Veo Transportation

Name of the Vulnerable Software and Affected Versions: TripSpark VEO Transportation versions 2.2.x NovusEDU versions 2.2.x Description: The issue allows unsafe data inputs in POST body parameters from end users without sanitizing using server-side logic. It was possible to inject custom SQL...