MidnightBSD

Advisories for dingflow

CVE-2024-25168

SQL injection vulnerability in snow snow v.2.0.0 allows a remote attacker to execute arbitrary code via the dataScope parameter of the system/role/list interface.

Products Affected

Vendor Product Version
dingflow snow 2.0.0