Critical severity9.9NVD Advisory· Published Oct 4, 2023· Updated Jun 17, 2026
CVE-2023-4037
CVE-2023-4037
Description
Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web interface, the exploitation of which could allow a local attacker to obtain sensitive data stored in the database by sending a specially crafted SQL query to the xml parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
23.7.1.2+ 1 more
- (no CPE)range: 3.7.1.2
- (no CPE)range: 3.7.1.2
Patches
Vulnerability mechanics
References
1- www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-setelsa-security-conacwinnvdThird Party Advisory
News mentions
0No linked articles in our index yet.