SQL Injection in SortBy Parameter in SalesInquiry.php in webERP 4.15

SQL Injection in SortBy Parameter in SalesInquiry.php in webERP 4.15

CVE-2018-19435 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

An issue was discovered in the Sales component in webERP 4.15. SalesInquiry.php has SQL Injection via the SortBy parameter.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.