Severity score: 8.8

SD.NET RIM versions before 4.7.3c allow attackers to manipulate the database

CVE-2019-25359
Summary

Older versions of SD.NET RIM have a security weakness that lets hackers inject malicious SQL code into the database. This could allow them to access or change sensitive information. You should update to version 4.7.3c or later to fix this issue.

Original title
SD.NET RIM versions before 4.7.3c contain a SQL injection vulnerability that allows attackers to inject malicious SQL statements through POST parameters 'idtyp' and 'idgremium'. Attackers can explo...
Original description
SD.NET RIM versions before 4.7.3c contain a SQL injection vulnerability that allows attackers to inject malicious SQL statements through POST parameters 'idtyp' and 'idgremium'. Attackers can exploit this vulnerability by crafting specially formed POST requests to the /vorlagen/ endpoint, enabling unauthorized database manipulation and potential information disclosure.
NVD CVSS 3.1: 8.2
NVD CVSS 4.0: 8.8
Vulnerability type
CWE-352 Cross-Site Request Forgery (CSRF)
Published: 18 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026