CVE-2017-7997 2018-01-08T14:29:01.000-05:00 2018-02-01T14:11:05.147-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2018-01-23T13:40:35.643-05:00 FULLDISC 20180105 [CVE-2017-7997] Gespage SQL Injection vulnerability EXPLOIT-DB 43447 MISC https://sysdream.com/news/lab/2018-01-02-cve-2017-7997-gespage-sql-injection-vulnerability/ Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3) webapp/users/prhistory.jsp.