Vulnerabilities

CVE-2019-13292

by Fred · 04/07/2019

A SQL Injection issue was discovered in webERP 4.15. Payments.php accepts payment data in base64 format. After this is decoded, it is deserialized. Then, this deserialized data goes directly into a SQL query, with no sanitizing checks.

Date published : 2019-07-04

https://www.exploit-db.com/exploits/47013

Similar

Tags: Cybersecurity Alert