CVE-2024-6401

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting InsureE GL allows SQL Injection. This issue affects InsureE GL: before 4.6.2.

critical 9.8 CVSS 3.1
Published: Sep 16, 2024
Modified: Jun 3, 2026
Vendor: Sfs
Product: Insuree Gl

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting InsureE GL allows SQL Injection.

This issue affects InsureE GL: before 4.6.2.

References

Related CVEs

CVE-2024-7098 critical · 9.8
Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection. This issue affects ww.Winsure: before 4.6.2.
CVE-2024-7104 critical · 9.8
Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww.Winsure allows Code Injection. This issue affects ww.Winsure: before 4.6.2.