CVE-2018-11470
The CVE-2018-11470 entry applies to iScripts eSwap v2.4 and describes a SQL injection vulnerability in the User Panel caused by the search.php parameter named 'Told' . The vulnerability allows arbitrary SQL commands due to unsanitized input in the user-facing search feature and is reported with a...