Remote SQL Injection Vulnerability in FileRun (version 2017.09.18 and below)
CVE-2017-14738 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
FileRun (version 2017.09.18 and below) suffers from a remote SQL injection vulnerability due to a failure to sanitize input in the metafield parameter inside the metasearch module (under the search function).
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.