Unrated severityNVD Advisory· Published Sep 14, 2023· Updated Sep 25, 2024
CVE-2023-40957
CVE-2023-40957
Description
A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management (aka pdm) v.14.0, v.15.0 and v.16.0 fixed in pdm-14.0.1.0.0, pdm-15.0.1.0.0, and pdm-16.0.1.0.0 allows a remote authenticated attacker to execute arbitrary code via the request parameter in models/base_client.py component.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Didotech srl/Engineering & Lifecycle Managementdescription
- Range: <=16.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.