Medical Systems Co. Medisys Weblab Products v19.4.03 was discovered to contain a SQL injection vulnerability via the tem:statement parameter in the WSDL files.
References
| Link | Resource |
|---|---|
| http://medical.com | Not Applicable |
| http://medical.com | Not Applicable |
| http://weblab.com | Not Applicable |
| http://weblab.com | Not Applicable |
| https://medium.com/%40waadalbyalii5/sql-injection-in-wsdl-file-c66fa00042f5 | |
| https://medium.com/%40waadalbyalii5/sql-injection-in-wsdl-file-c66fa00042f5 |
Configurations
History
27 Jan 2025, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://medical.com - Not Applicable | |
| References | () http://weblab.com - Not Applicable |
07 Nov 2023, 04:11
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
|
20 May 2023, 00:43
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Medisys weblab
Medisys |
|
| CWE | CWE-89 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
| References | (MISC) http://medical.com - Not Applicable | |
| References | (MISC) http://weblab.com - Not Applicable | |
| References | (MISC) https://medium.com/@waadalbyalii5/sql-injection-in-wsdl-file-c66fa00042f5 - Exploit, Third Party Advisory | |
| CPE | cpe:2.3:a:medisys:weblab:19.4.03:*:*:*:*:*:*:* |
11 May 2023, 13:36
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-05-11 13:15
Updated : 2025-01-27 17:15
NVD link : CVE-2023-29863
Mitre link : CVE-2023-29863
JSON object : View
Products Affected
medisys
- weblab
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')