10 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.3%
Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson (formerly ESBUS) allow remote attackers to execute arbitrary SQL commands via the (1) TABLE parameter to esbus/servlet/GetSQLData or (2) QUERY parameter to KK_LS9ReportingPortal/GetData.
packetstormsecurity.com/files/141575/Kinseys-Infor-Lawson-SQL-Injection.html
seclists.org/fulldisclosure/2017/Mar/31
www.securityfocus.com/bid/96821
www.exploit-db.com/exploits/41577/