2 matches found
CVE-2021-41932
A blind SQL injection vulnerability in search form in TeamMate+ Audit version 28.0.19.0 allows any authenticated user to create malicious SQL injections, which can result in complete database compromise, gaining information about other users, unauthorized access to audit data etc...
CVE-2021-41932
CVE-2021-41932 concerns Wolters Kluwer TeamMate+ Audit, affected version 28.0.19.0. A blind SQL injection exists in the search form, enabling any authenticated user to inject malicious SQL. The underlying cause is a lack of proper filtering/escaping of SQL data in the search forms. Reported impac...