CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-26837
https://notcve.org/view.php?id=CVE-2021-26837
SQL Injection vulnerability in SearchTextBox parameter in Fortra (Formerly HelpSystems) DeliverNow before version 1.2.18, allows attackers to execute arbitrary code, escalate privileges, and gain sensitive information. La vulnerabilidad de inyección SQL en el parámetro SearchTextBox en Fortra (Formerly HelpSystems) DeliverNow antes de la versión 1.2.18, permite a los atacantes ejecutar código arbitrario, escalar privilegios y obtener información sensible. • https://community.helpsystems.com/knowledge-base/rjs/delivernow/overview https://susos.co/blog/f/cve-disclosure-sedric-louissaints-discovery-of-sql-injection-in • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •