Etere · Etereweb · CVE-2018-10997
**Name of the Vulnerable Software and Affected Versions**
Etere EtereWeb versions prior to 28.1.20
**Description**
The issue is related to a pre-authentication blind SQL injection. This occurs in the POST parameters `txUserName` and `txPassword`.
**Recommendations**
For versions prior to 28.1.20, update to version 28.1.20 or later to resolve the issue.