What the vulnerability does
01Description
SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS base score
—
Key dates
02Disclosure timeline
August 28, 2014
CVE published
October 31, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2022-45805 WordPress Paytm Payment Gateway Plugin <= 2.7.3 is vulnerable to SQL Injection
CVE-2026-40814 Unauthenticated SQLi in _mb24confi_getTagAlarm function
CVE-2025-3684 Xianqi Kindergarten Management System Child Management stu_list.php sql injection
CVE-2025-4766 PHPGurukul Zoo Management System profile.php sql injection
CVE-2025-22639 WordPress Distance Rate Shipping for WooCommerce plugin <= 1.3.4 - SQL Injection vulnerability
