7 matches found
EUVD-2017-15606
Malware in sbrugna...
CVE-2017-6550
Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson formerly ESBUS allow remote attackers to execute arbitrary SQL commands via the 1 TABLE parameter to esbus/servlet/GetSQLData or 2 QUERY parameter to KKLS9ReportingPortal/GetData...
Sql injection
Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson formerly ESBUS allow remote attackers to execute arbitrary SQL commands via the 1 TABLE parameter to esbus/servlet/GetSQLData or 2 QUERY parameter to KKLS9ReportingPortal/GetData...
CVE-2017-6550
Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson formerly ESBUS allow remote attackers to execute arbitrary SQL commands via the 1 TABLE parameter to esbus/servlet/GetSQLData or 2 QUERY parameter to KKLS9ReportingPortal/GetData...
CVE-2017-6550
CVE-2017-6550 affects Kinsey Infor-Lawson (formerly ESBUS). The vulnerability is a SQL injection in at least two parameters: (1) TABLE parameter to esbus/servlet/GetSQLData and (2) QUERY parameter to KK_LS9ReportingPortal/GetData. Exploitation enables remote attackers to execute arbitrary SQL com...
Multiple SQL Injection Vulnerabilities in Kinsey Infor-Lawson
Kinsey Infor-Lawson is Kinsey's effort to change the way organizations build and digest information. Kinsey Infor-Lawson suffers from multiple SQL injection vulnerabilities due to a failure to adequately validate user data before performing SQL queries. An attacker could exploit this vulnerabilit...
Kinsey InforLawson ESBUS - SQL Injection
Kinsey InforLawson ESBUS - SQL Injection Exploit Title: Kinsey Infor / Lawson ESBUS - Multiple SQL Injections Date: 3/10/2017 Exploit Author: Michael Benich Vendor homepage: http://www.kinsey.com/infor-lawson.html Version: ALL Tested on: Windows Server 2008 R2; MySQL ver 5.5 CVE: CVE-2017-6550...