← back
CVE-2024-11504

SQL Injection in Streamsoft Prestiż

CVSS 8.6 HIGHEPSS 0.4%CWE-89
Input from multiple fields in Streamsoft Prestiż is not sanitized properly, leading to an SQL injection vulnerability, which might be exploited by an authenticated remote attacker.  This issue was fixed in 18.1.376.37 version of the software.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Affected products
Streamsoft · Streamsoft Prestiż

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cert.pl/en/posts/2025/03/CVE-2024-7407/https://www.streamsoft.pl/streamsoft-prestiz/