Skip to main content

Bpm Online Crm System Sdk

1 CVEs product

Monthly

CVE-2019-15301 CRITICAL Act Now

A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const() in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Bpm Online Crm System Sdk
NVD
CVSS 3.1
9.8
EPSS
1.5%
EPSS 1% CVSS 9.8
CRITICAL Act Now

A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const() in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Bpm Online Crm System Sdk
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy