Security Advisory

CVE-2019-7755

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-03-30 16:49:28

Last updated 2024-08-04 20:54:28

Assigner mitre

State PUBLISHED

Description

In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection.

← Browse all CVEs View on cve.org ↗