SQL Injection in Advanced World Database 2.0.5 via city.php and state.php parameters

SQL Injection in Advanced World Database 2.0.5 via city.php and state.php parameters

CVE-2017-17640 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.