Vulnerabilities > Terrasoft

DATE CVE VULNERABILITY TITLE RISK
2019-09-18 CVE-2019-15301 SQL Injection vulnerability in Terrasoft BPM Online CRM System SDK 7.13
A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const() in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter.
network
low complexity
terrasoft CWE-89
critical
 9.8
9.8