CVE-2017-14851

A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. The vulnerability is in the login page, where the authentication validation process contains an insecure SELECT query. The attack allows for authentication bypass.

Date published : 2019-06-03

http://www.securityfocus.com/bid/108167

https://ics-cert.us-cert.gov/advisories/ICSA-19-122-01