VYPR

Infor Lawson

by Kinsey

CVEs (1)

  • CVE-2017-6550CriMar 20, 2017
    risk 0.67cvss 9.8epss 0.04

    Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson (formerly ESBUS) allow remote attackers to execute arbitrary SQL commands via the (1) TABLE parameter to esbus/servlet/GetSQLData or (2) QUERY parameter to KK_LS9ReportingPortal/GetData.