CVE-2023-36652
CVE-2023-36652 describes a SQL injection in ProLion CryptoSpike 3.0.15P2's users searching REST API endpoint. The underlying issue is unsafely constructed SQL in the search parameter, allowing remote authenticated attackers to read database data. Affected product: ProLion CryptoSpike (version 3.0...