Vulnerabilities > Etere > Etereweb

DATE CVE VULNERABILITY TITLE RISK
2018-06-17 CVE-2018-10997 SQL Injection vulnerability in Etere Etereweb
Etere EtereWeb before 28.1.20 has a pre-authentication blind SQL injection in the POST parameters txUserName and txPassword.
network
low complexity
etere CWE-89
critical
10.0