A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter.Referenceshttps://advantive.my.site.com/support/s/knowledgehttps://intezer.com/blog/research/xe-group-exploiting-zero-days/https://www.solissecurity.com/en-us/insights/xe-group-from-credit-card-skimming-to-exploiting-zero-days/
