Primary

Context

Logo Software Diva SQL Injection Vulnerability Allowing Authorization Bypass

Vulnerability

A SQL injection vulnerability has been identified in Logo Software Diva versions through 4.56.00.00. This vulnerability allows for authorization bypass by manipulating SQL primary keys, enabling attackers to execute blind SQL injection attacks.

Impact

Exploitation of this vulnerability allows for SQL injection, which could be used to manipulate database queries, potentially leading to unauthorized data access or modification.

Remediation

Users are advised to upgrade to version 4.56.00.00 or later.

Added: Sep 18, 2025, 12:22 PM

Updated: Sep 18, 2025, 5:57 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Logo Software Diva SQL Injection Vulnerability Allowing Authorization Bypass

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating