CVE-2018-14874

2019-04-3018:54:22

mitre

www.cve.org

9.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.5%

JSON

An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. Input passed through the code parameter in three pages as collaterals/colexe3t.jsp and /references/refsuppu.jsp and /references/refbranu.jsp is mishandled before being used in SQL queries, allowing SQL injection with an authenticated session.

References

neetech18.blogspot.com/2019/03/error-based-sql-injection-vulnerability.html