SQL Injection in EMLsoft 5.4.5 via numPerPage parameter in action.user.php

SQL Injection in EMLsoft 5.4.5 via numPerPage parameter in action.user.php

CVE-2018-14967 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.user.php has SQL Injection via the numPerPage parameter.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.