cb
cvebase
.
~
/
products
/
dbsoft
/
sglac
Search CVEs, products, detections…
⌘K
pipeline live
Digest
Docs
Home
/
Products
/
dbsoft
/
Dbsoft Sglac
Dbsoft Sglac vulnerabilities
1 known vulnerability affecting
dbsoft/sglac
.
Track
Version
All versions
Total CVEs
1
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL
1
Vulnerabilities
Sort
Most important
Highest Priority
Highest EPSS
Highest CVSS
Newest
Oldest
Page 1 of 1
CVE-2020-12606
P2
CRITICAL
CVSS 9.8
fixed in 20.05.001
2020-08-17
CVE-2020-12606 [CRITICAL] CWE-89 CVE-2020-12606: An issue was discovered in DB Soft SGLAC before 20.05.001. The ProcedimientoGenerico method in the S An issue was discovered in DB Soft SGLAC before 20.05.001. The ProcedimientoGenerico method in the SVCManejador.svc webservice of the SGLAC web frontend allows an attacker to run arbitrary SQL commands on the SQL Server. Command execution can be easily achieved by using the xp_cmdshell stored procedure.
nvd
Dbsoft Sglac vulnerabilities | cvebase