SQL Injection Vulnerability in E-Sic 1.0 via f Parameter in zip code search script

SQL Injection Vulnerability in E-Sic 1.0 via f Parameter in zip code search script

CVE-2017-15381 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL Injection exists in E-Sic 1.0 via the f parameter to esiclivre/restrito/inc/buscacep.php (aka the zip code search script).

Learn more about our Web Application Penetration Testing UK.