CVE-2024-6919

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NAC Telecommunication Systems Inc. NACPremium allows Blind SQL Injection. This issue affects NACPremium: through 01082024.

critical 9.8 CVSS 3.1
Published: Sep 2, 2024
Modified: Jun 3, 2026
Vendor: Nac
Product: Nacpremium

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NAC Telecommunication Systems Inc. NACPremium allows Blind SQL Injection.

This issue affects NACPremium: through 01082024.

References

Related CVEs

CVE-2024-6920 medium · 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NAC Telecommunication Systems Inc. NACPremium allows Stored XSS. This issue a
CVE-2024-6921 high · 7.5
Cleartext Storage of Sensitive Information vulnerability in NAC Telecommunication Systems Inc. NACPremium allows Retrieve Embedded Sensitive Data. This issue affects NACPremium: t