Multiple SQL injections in Sage XRT Business Exchange 12.4.302 allow an authenticated attacker to inject malicious data in SQL queries: Add Currencies, Payment Order, and Transfer History.
CPE | Name | Operator | Version |
---|---|---|---|
sage_xrt_business_exchange | eq | 12.4.302 |