2 matches found
CVE-2025-62575
CVE-2025-62575 concerns NMIS/BioDose software (V22.02 and earlier) that relies on a Microsoft SQL Server database. The root cause is that the default SQL account nmdbuser (and other created accounts) has the sysadmin role, enabling potential remote code execution through certain built‑in stored p...
PT-2025-48778
NMIS/BioDose V22.02 and previous versions rely on a Microsoft SQL Server database. The SQL user account 'nmdbuser' and other created accounts by default have the sysadmin role. This can lead to remote code execution through the use of certain built-in stored procedures...