admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-29 01:31:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2019/CVE-2019-7755.md
0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33
2024-06-09 00:33:16 +00:00

21 lines
797 B
Markdown
Raw Blame History

### [CVE-2019-7755](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7755)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection.
### POC
#### Reference
- https://www.exploit-database.net/?id=101060
- https://www.exploit-database.net/?id=101060
- https://www.exploit-db.com/exploits/46431/
- https://www.exploit-db.com/exploits/46431/
#### Github
No PoCs found on GitHub currently.
Reference in New Issue View Git Blame Copy Permalink