VOXTRONIC Voxlog Professional Multiple Security Vulnerabilities

Summary
VOXTRONIC Voxlog Professional is prone to a file-disclosure vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An remote attacker can exploit these issues to obtain potentially sensitive information from local files on computers running the vulnerable application, or modify the logic of SQL queries. A successful exploit may allow the attacker to compromise the software, retrieve information, or modify data These may aid in further attacks. VOXTRONIC Voxlog Professional 3.7.2.729 and 3.7.0.633 are vulnerable other versions may also be affected.
References