6.5
CVSSv2

CVE-2019-7755

Published: 30/03/2020 Updated: 02/04/2020
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection.

Vulnerability Trend

Affected Products

Vendor Product Versions
WeberpWeberp4.15