Sql injection

2020-02-0321:15:00

PRIOn knowledge base

www.prio-n.com

9.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.4%

eG Manager 7.1.2 allows SQL Injection via the user parameter to com.eg.LoginHelperServlet (aka the Forgot Password feature).

CPENameOperatorVersion
eg_managereq7.1.2

CPE	Name	Operator	Version
	eg_manager	eq	7.1.2

References

pyaefromucsp.blogspot.com/2020/02/eg-manager-v712-sql-injection-lead-to_56.html