SQL Injection Vulnerability in iScripts eSwap v2.4 via registration_settings.php ddlFree Parameter

SQL Injection Vulnerability in iScripts eSwap v2.4 via registration_settings.php ddlFree Parameter

CVE-2018-10050 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

iScripts eSwap v2.4 has SQL injection via the "registration_settings.php" ddlFree parameter in the Admin Panel.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.