CVE-2024-0857

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Universal Software Inc. FlexWater Corporate Water Management allows SQL Injection. This issue affects FlexWater Corporate Water Management: before 5.452.0.

critical 9.8 CVSS 3.1
Published: Jul 18, 2024
Modified: Jun 3, 2026
Vendor: Uni-Yaz
Product: Flexwater Corporate Water Management

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Universal Software Inc. FlexWater Corporate Water Management allows SQL Injection.

This issue affects FlexWater Corporate Water Management: before 5.452.0.

References

Related CVEs

CVE-2026-1619 high · 8.3
Authorization Bypass Through User-Controlled Key vulnerability in Universal Software Inc. FlexCity/Kiosk allows Exploitation of Trusted Identifiers. This issue affects FlexCity/Ki
CVE-2025-14349 high · 8.8
Privilege Defined With Unsafe Actions, Missing Authentication for Critical Function vulnerability in Universal Software Inc. FlexCity/Kiosk allows Accessing Functionality Not Prope
CVE-2026-1618 high · 8.8
Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation. This issue affects FlexCity/Kiosk: fr