SQL Injection vulnerability in SearchTextBox parameter in Fortra (Formerly HelpSystems) DeliverNow before version 1.2.18, allows attackers to execute arbitrary code, escalate privileges, and gain sensitive information..
| Info | Details |
|---|---|
| CVE ID | CVE-2021-26837 |
| CVE State | PUBLISHED |
| BaseScore | NA |
| BaseSeverity | NA |
| VectorString | NA |
| Version | NA |
References for CVE-2021-26837 :
https://community.helpsystems.com/knowledge-base/rjs/delivernow/overview/
https://susos.co/blog/f/cve-disclosure-sedric-louissaints-discovery-of-sql-injection-in
| Metric Type | Metric Score |
|---|---|
| AttackVector(AV) | NA |
| AttackComplexity(AC) | NA |
| PrivilegesRequired(PR) | NA |
| UserInteraction(UI) | NA |
| Scope(S) | NA |
| Confidentiality(C) | NA |
| Availability(A) | NA |
| Integrity(I) | NA |