Critical
CVSS 9.8
Overview
The SFT developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
CVE-2025-7343
The SFT developed by Digiwin has a SQL Injection vulnerability, allowing unauthe...
Risk analysis
This vulnerability is rated 🔴 CRITICAL.
- CVSS: 9.8 (CRITICAL)
- Detected tags: sql (tag impact: MODERATE)
Recommended actions:
- Use parameterized queries/ORM (avoid string concatenation).
- Add WAF rules and input validation.