Unrated severityNVD Advisory· Published Oct 15, 2024· Updated Oct 17, 2024

SQL injection in QPLANT by TAI Smart Factory

CVE-2024-9925

Description

SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0. Exploitation of this vulnerability could allow a remote attacker to retrieve all database information by sending a specially crafted SQL query to the ‘email’ parameter on the ‘RequestPasswordChange’ endpoint.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

TAI Smart Factory/QPLANT SFllm-create2 versions
= 1.0+ 1 more
- (no CPE)range: = 1.0
- (no CPE)range: 1.0

Patches

Vulnerability mechanics

References

incibe.es/en/incibe-cert/notices/aviso-sci/sql-injection-qplant-tai-smart-factorymitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000