← volver
CVE-2024-11504

SQL Injection in Streamsoft Prestiż

CVSS 8.6 HIGHEPSS 0.4%CWE-89
Input from multiple fields in Streamsoft Prestiż is not sanitized properly, leading to an SQL injection vulnerability, which might be exploited by an authenticated remote attacker.  This issue was fixed in 18.1.376.37 version of the software.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Productos afectados
Streamsoft · Streamsoft Prestiż

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://cert.pl/en/posts/2025/03/CVE-2024-7407/https://www.streamsoft.pl/streamsoft-prestiz/