Tag

Metasoft

1 brief RSS

Metasoft MetaCRM SQL Injection Vulnerability (CVE-2026-6629)

A SQL injection vulnerability (CVE-2026-6629) exists in Metasoft MetaCRM up to version 6.4.0, allowing remote attackers to execute arbitrary SQL commands via manipulation of the sql argument in the Statement.executeUpdate function of the sql.jsp file.

cve-2026-6629 sql-injection web-application metasoft

2r 1t 2w ago