What the vulnerability does
01Description
The Danfoss AK-EM100 web forms allow for SQL injection in the login forms.
CVSS base score
10.0/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Key dates
02Disclosure timeline
June 11, 2023
CVE published
January 9, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-9317 SourceCodester Online Eyewear Shop Master.php delete_category sql injection
CVE-2026-31858 CraftCMS's `ElementSearchController` Affected by Blind SQL Injection
CVE-2026-2024 PhotoStack Gallery <= 0.4.1 - Unauthenticated SQL Injection via 'postid' Parameter
CVE-2024-2022 Netentsec NS-ASG Application Security Gateway list_ipAddressPolicy.php sql injection
CVE-2024-7499 itsourcecode Airline Reservation System flights.php sql injection
