Vulnerabilities > Epicor > Epicor Procurement

DATE CVE VULNERABILITY TITLE RISK
2014-10-10 CVE-2014-4313 SQL Injection vulnerability in Epicor Procurement
SQL injection vulnerability in Epicor Procurement before 7.4 SP2 allows remote attackers to execute arbitrary SQL commands via the User field.
network
low complexity
epicor CWE-89
7.5
7.5