2 matches found
CVE-2018-11372
iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter...
CVE-2018-11372
CVE-2018-11372 affects iScripts eSwap v2.4. The issue is an SQL injection in the Wishlistdetailed.php User Panel ToId parameter, caused by unsafe handling of the ToId input. The vulnerability can enable attackers to view, add, modify, or delete data in the backend database (as described across mu...