2 matches found
CVE-2020-7493
A CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior formerly known as Vijeo XD which could cause malicious code execution when opening the project file...
CVE-2020-7493
The CVE-2020-7493 issue affects Schneider Electric EcoStruxure Operator Terminal Expert (3.1 Service Pack 1 and earlier, formerly Vijeo XD). The vulnerability is a SQL Injection (CWE-89) in handling project files that can lead to code execution when opening a crafted project file. Public sources ...