CVE-2020-37033

Name of the Vulnerable Software and Affected Versions Infor Storefront B2B version 1.0

Description Infor Storefront B2B version 1.0 contains a SQL injection issue that allows attackers to manipulate database queries. This is achieved through the usr name parameter within login requests. Attackers can inject malicious SQL code into the usr name parameter, potentially allowing them to extract or modify database information. The vulnerable API endpoint is the login request.

Recommendations Versions prior to 1.0 should be updated.