SQL Injection in Professional Local Directory Script 1.0 via IndustryID and CategoryID Parameters

SQL Injection in Professional Local Directory Script 1.0 via IndustryID and CategoryID Parameters

CVE-2018-5973 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL Injection exists in Professional Local Directory Script 1.0 via the sellers_subcategories.php IndustryID parameter, or the suppliers.php IndustryID or CategoryID parameter.

Learn more about our Web Application Penetration Testing UK.