CVE-2024-13150

Summary

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Fayton Software and Consulting Services fayton.Pro ERP allows SQL Injection.

This issue affects fayton.Pro ERP: through 20250929.

Affected Software

VendorProductVersion RangeStatus
Fayton Software and Consulting Servicesfayton.pro ERP0 <= 20250929affected

Weaknesses

  • CWE-89: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References