CVE-2017-15373

2017-10-1604:29:00

CWE-89

web.nvd.nist.gov

cve-2017-15373

e-sic 1.0

sql injection

q parameter

lkpcep.php

search private area

9.3 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.2%

CPENameOperatorVersion
softwarepublico:e\-sicsoftwarepublico e-siceq1.0

CPE	Name	Operator	Version
softwarepublico:e\-sic	softwarepublico e-sic	eq	1.0

References

k33r0k.wordpress.com/2017/10/12/e-sic-sql-injection/

www.exploit-db.com/exploits/42979/