2 matches found
CVE-2023-3793 Weaver e-cology HTTP POST Request filelFileDownloadForOutDoc.class sql injection
A vulnerability was found in Weaver e-cology. It has been rated as critical. This issue affects some unknown processing of the file filelFileDownloadForOutDoc.class of the component HTTP POST Request Handler. The manipulation of the argument fileid with the input 1+WAITFOR+DELAY leads to sql...
CVE-2023-3793
CVE-2023-3793 affects Weaver e-cology. The vulnerability resides in the HTTP POST Request Handler, specifically the filelFileDownloadForOutDoc.class, where the fileid parameter can be manipulated (example: 1+WAITFOR+DELAY) to yield SQL injection. Affected versions are prior to 10.58.0. Upgrading ...