What the vulnerability does

01Description

A SQL Injection issue was discovered in Moxa SoftCMS Live Viewer through 1.6. An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability has been identified. Attackers can exploit this vulnerability to access SoftCMS without knowing the user's password.

Key dates

02Disclosure timeline

January 18, 2018 CVE published
August 5, 2024 Record updated