4 matches found
Schneider Electric U.motion Builder - SQL Injection
The vulnerability exists within processing of trackimportexport.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the objectid input parameter. id: CVE-2018-7765 info: name: Schneider Electric U.motion...
CVE-2018-7765
The vulnerability exists within processing of trackimportexport.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the objectid input parameter...
CVE-2018-7765
Schneider Electric U.motion Builder is affected by CVE-2018-7765 via track_import_export.php, where the SQLite query on object_id is vulnerable to SQL injection. Affected versions are prior to v1.3.4. Exploitation could lead to arbitrary SQL execution with high impact (C/H/I/H) as per CVSS3, with...
CVE-2018-7765
The vulnerability exists within processing of trackimportexport.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the objectid input parameter...