3 matches found
CVE-2017-8796
An issue was discovered on Accellion FTA devices before FTA912180. Because mysqlrealescapestring is misused, seos/courier/communicationp2p.php allows SQL injection with the appid parameter...
CVE-2017-8796
An issue was discovered on Accellion FTA devices before FTA912180. Because mysqlrealescapestring is misused, seos/courier/communicationp2p.php allows SQL injection with the appid parameter...
CVE-2017-8796
CVE-2017-8796 affects Accellion FTA devices prior to FTA_9_12_180. The issue is a misuse of mysql_real_escape_string in seos/courier/communication_p2p.php, enabling SQL injection via the app_id parameter. Impact is high: potential for unauthorized data access/manipulation; CVSS v3.0 base score 9....