CVE-2023-50589
CRITICAL WAF: High
CVSS 9.8
Published: 2023-12-30
CWE-89
Grupo Embras GEOSIAP ERP v2.2.167.02 was discovered to contain a SQL injection vulnerability via the codLogin parameter on the login page.
WAF Coverage Analysis
SQL Injection
High WAF Coverage
OWASP: A03:2021 Injection
942xxx - SQL Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| embras | geosiap_erp | 2.2.167.02 |
References
- cheatsheetseries.owasp.org (Technical Description)
- github.com (Exploit, Third Party Advisory)
- owasp.org (Technical Description)