CVE-2023-4037

Published: 2023-10-04T12:15Z

Last Modified: 2024-11-21T08:34Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web interface, the exploitation of which could allow a local attacker to obtain sensitive data stored in the database by sending a specially crafted SQL query to the xml parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt