CVE-2012-5861

CVE-2012-5861: Sinapsi eSolar SQL Injection

Vendor Sinapsi
Product eSolar
Weakness CWE-89 · SQLi
Published November 23, 2012
Last update July 8, 2025

CVSS base score

What the vulnerability does

01Description

These Sinapsi devices do not check the validity of the data before executing queries. By accessing the SQL table of certain pages that do not require authentication within the device, attackers can leak information from the device. This could allow the attacker to compromise confidentiality.

Key dates

02Disclosure timeline

November 23, 2012 CVE published
July 8, 2025 Record updated