E-Sic 1.0 Password Reset SQL Injection Vulnerability
CVE-2017-15378 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
SQL Injection exists in the E-Sic 1.0 password reset parameter (aka the cpfcnpj parameter to the /reset URI).
Learn more about our Web Application Penetration Testing UK.