SQL Injection in Advance B2B Script 2.1.3 via show_id and pid parameters

SQL Injection in Advance B2B Script 2.1.3 via show_id and pid parameters

CVE-2017-17602 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php show_id or view-product.php pid parameter.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.