SalesERP 8.1 SQL injection vulnerability

Summary

SalesERP 8.1 has SQL injection vulnerability. By inserting SQL command into the Web form submission or entering the query string of domain name or page request, the attacker can eventually cheat the server to execute malicious SQL command.

Solution

At present, the manufacturer has issued an upgrade patch to fix the vulnerability.

http://www.codelist.cc/scripts/236407-erp-v810-business-erp-solution-product-shop-company-management-nulled.html