CVE-2025-0792 | ESAFENET CDG V5 /sdTodoDetail.jsp flowId sql injection

A vulnerability, which was classified as critical, was found in ESAFENET CDG V5. Affected is an unknown function of the file /sdTodoDetail.jsp. The manipulation of the argument flowId leads to sql injection.

This vulnerability is traded as CVE-2025-0792. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-0792 | ESAFENET CDG V5 /sdTodoDetail.jsp flowId sql injection

Related Posts

CVE-2024-6729 | SourceCodester Kortex Lite Advocate Office Management System 1.0 /control/add_act.php aname sql injection

CVE-2024-35743 | Siteclean SC Filechecker Plugin up to 0.6 on WordPress path traversal

CVE-2024-21544 | spatie browsershot up to 5.0.0 URL Validation setUrl file inclusion (SNYK-PHP-SPATIEBROWSERSHOT-8496745)

CVE-2024-47964 | Delta Electronics CNCSoft-G2 2.1.0.10 heap-based overflow (icsa-24-284-21)