CVE-2021-34235
CRITICALTokheim Profleet DiaLOG 11.005.02 - SQL Injection via Field__UserLogin Parameter
Title source: llmDescription
Tokheim Profleet DiaLOG 11.005.02 is affected by SQL Injection. The component is the Field__UserLogin parameter on the logon page.
References (1)
Core 1
Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/165944/Tokheim-Profleet-DiaLOG-Fuel-Management-System-11.005.02-SQL-Injection-Code-Execution.html
Scores
CVSS v3
9.8
EPSS
0.0193
EPSS Percentile
77.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-89
Status
published
Products (2)
tsg-solutions/tokheim_profleet_dialog
11.005.02
tsg-solutions/tokheim_profleet_dialog
16.001.05
Published
Feb 11, 2022
Tracked Since
Feb 18, 2026