Blind SQL Injection Vulnerability in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24
CVE-2020-24569 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a blind SQL injection in the knximport component via an advanced attack vector, allowing logged in attackers to discover arbitrary information.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.