CVE-2019-7755
N/A
N/A
Summary
In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.exploit-db.com/exploits/46431/
- https://www.weberp.org
- https://www.exploit-database.net/?id=101060
References
- https://www.exploit-db.com/exploits/46431/
- https://www.weberp.org
- https://www.exploit-database.net/?id=101060
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.