CVE-2014-4313
The CVE-2014-4313 entry describes a SQL injection vulnerability in Epicor Procurement before 7.4 SP2 that allows remote attackers to execute arbitrary SQL commands via the User field. Affected component: Epicor Procurement (before 7.4 SP2). Root cause: improper input handling enabling SQL injecti...