VYPR
Unrated severityNVD Advisory· Published Sep 18, 2023· Updated Sep 25, 2024

SUNNET WMPro - SQL Injection

CVE-2023-35851

Description

SUNNET WMPro portal's FAQ function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to obtain sensitive information via a database.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Sun.net/WMProllm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: V5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.