CVE-2017-15378

CVE-2017-15378

EPSS 1.4%

SQL Injection exists in the E-Sic 1.0 password reset parameter (aka the cpfcnpj parameter to the /reset URI).

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/42981/http://whiteboyz.xyz/esic-software-publico-sql-injection.html