SQL Injection Vulnerability in HELM 3.1.19 and Earlier: Remote Code Execution via messageToUserAccNum Parameter

SQL Injection Vulnerability in HELM 3.1.19 and Earlier: Remote Code Execution via messageToUserAccNum Parameter

CVE-2004-1498 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary SQL commands via the messageToUserAccNum parameter.

Learn more about our User Device Pen Test.