SQL Injection Vulnerability in iScripts eSwap v2.4 User Panel's search.php 'Told' Parameter

SQL Injection Vulnerability in iScripts eSwap v2.4 User Panel's search.php 'Told' Parameter

CVE-2018-11470 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.