SQL Injection Vulnerability in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0

SQL Injection Vulnerability in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0

CVE-2017-17721 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorderstatus parameter.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.