Posted by SBA Research Advisory on Nov 24

### RXTEC_20150513 #### Title: SQL injection vulnerability in the RXTEC RXAdmin Login Page allows remote attackers to
execute arbitrary SQL commands via several HTTP parameter.
#### Type of vulnerability: SQL injection
##### Attack outcome: It is possible to extract all information from the database in use by the application.
Depending on the configuration of the SQL server arbitrary code execution might be possible.
#### Impact: Critical
####…