SQL Injection Vulnerability in HGiga EIP Document Management Page

SQL Injection Vulnerability in HGiga EIP Document Management Page

CVE-2021-22851 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (document management page) to obtain database schema and data.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.