3 matches found
CVE-2025-29980
A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote unauthenticated attacker can run arbitrary commands as the current MS SQL server account. It is recommended that the CRM feature is turned off while on eTRAKiT.net release 3.2.1.7...
CVE-2025-29980 Blind SQL Injection vulnerability in eTRAKiT.Net
A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote unauthenticated attacker can run arbitrary commands as the current MS SQL server account. It is recommended that the CRM feature is turned off while on eTRAKiT.net release 3.2.1.7...
CVE-2025-29980
CVE-2025-29980 affects CentralSquare eTRAKiT.net 3.2.1.77, where an SQL injection due to improper input validation in the CRM feature allows a remote, unauthenticated attacker to run arbitrary commands as the current Microsoft SQL Server account. Impact is rated CRITICAL (CVSS v3.1: AV:N/AC:L/PR:...