Vendor

Infor

Products

CVEs

Across products

Status

Private

Products

CVE	Sev	Risk	CVSS	Published	Description
CVE-2017-7952	Hig	0.60	8.8	May 16, 2017	INFOR EAM V11.0 Build 201410 has SQL injection via search fields, related to the filtervalue parameter.
CVE-2017-7953	Med	0.38	5.4	May 16, 2017	INFOR EAM V11.0 Build 201410 has XSS via comment fields.
CVE-2011-1915		0.00	—	Nov 1, 2011	SQL injection vulnerability in eClient 7.3.2.3 in Enspire Distribution Management Solution 7.3.2.7 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVE-2017-7952HigMay 16, 2017
risk 0.60cvss 8.8epss 0.00
INFOR EAM V11.0 Build 201410 has SQL injection via search fields, related to the filtervalue parameter.
CVE-2017-7953MedMay 16, 2017
risk 0.38cvss 5.4epss 0.00
INFOR EAM V11.0 Build 201410 has XSS via comment fields.
CVE-2011-1915Nov 1, 2011
risk 0.00cvss —epss 0.00
SQL injection vulnerability in eClient 7.3.2.3 in Enspire Distribution Management Solution 7.3.2.7 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.