CVE-2023-29154

SQL injection vulnerability exists in the CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may execute an arbitrary SQL command via specially crafted input to the query setting page. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt