← Back to CVE List

CVE-2023-40955

Published: 2023-09-15T00:15Z
Last Modified: 2024-11-21T08:20Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management (aka pdm) v.14.0, v.15.0 and v.16.0 fixed in pdm-14.0.1.0.0, pdm-15.0.1.0.0, and pdm-16.0.1.0.0 allows a remote authenticated attacker to execute arbitrary code via the select parameter in models/base_client.py component. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt