Описание
In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection.
In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection.
EPSS
Процентиль: 70%
0.00621
Низкий
CVE ID
Связанные уязвимости
CVSS3: 8.8
nvd
почти 6 лет назад
In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection.
EPSS
Процентиль: 70%
0.00621
Низкий