Client Application Firewall

SQLPad.Connections.SSTI

Description

This indicates an attack attempt to exploit a Server-Side Template Injection Vulnerability in SQLPad.
The vulnerability is due to insufficient validation of user-supplied inputs. A remote attacker can exploit this vulnerability by sending maliciously crafted request to a vulnerable application. Successful exploitation could result in arbitrary code execution in the security context of the application.

Affected Products

SQLPad prior to 6.10.1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://github.com/sqlpad/sqlpad

Version Updates

Date	Version	Status	Detail
2025-09-09	34.080	Removed

ID	56591
Created	Sep 10, 2024
Updated	Sep 25, 2024
CVE ID
Risk
Exploit Prediction Score	73.19%
Default Action	drop
Affected OS	Windows, Linux, MacOS
Affected App	Other
Profile Type	Code Injection

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Client Application Firewall

SQLPad.Connections.SSTI

Description

Affected Products

Impact

Recommended Actions

Version Updates

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Client Application Firewall

SQLPad.Connections.SSTI

Description

Affected Products

Impact

Recommended Actions

Version Updates

Threat Intelligence
Center