SQL Injection Vulnerability in iScripts eSwap v2.4 via registration_settings.php ddlFree Parameter
CVE-2018-10050 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
iScripts eSwap v2.4 has SQL injection via the "registration_settings.php" ddlFree parameter in the Admin Panel.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.