Simopro Technology|WinMatrix3 Web package – SQL Injection

July 21, 2025 invoker category_cve

CVE Details

Basic Information

Title Simopro Technology|WinMatrix3 Web package – SQL Injection
Type cve
Published 2025-07-21T06:12:49.798Z
Modified 2025-07-21T06:31:53.410Z

Product Information

Vendor Simopro Technology
Product WinMatrix3 Web package
Version 0

CVSS Information

Base Score 9.3 (CRITICAL)
Attack Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

AI Analysis

AI Description A SQL Injection vulnerability in Simopro Technology’s WinMatrix3 Web package allows unauthenticated attackers to execute arbitrary SQL commands, potentially leading to unauthorized data access and modification.
AI Severity Critical
AI Vendor Simopro Technology
AI Product WinMatrix3 Web package
AI Version 0

Affected Products

  • Simopro Technology WinMatrix3 Web package 0

Additional Information

CWE List CWE-89
Source twcert

Description

WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.