cpe:/a:softwarepublico:e-sic:1.0 CVE-2017-15373 2017-10-16T00:29:00.327-04:00 2017-10-27T10:22:09.347-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2017-10-26T21:37:39.577-04:00 EXPLOIT-DB 42979 MISC https://k33r0k.wordpress.com/2017/10/12/e-sic-sql-injection/ E-Sic 1.0 allows SQL injection via the q parameter to esiclivre/restrito/inc/lkpcep.php (aka the search private area).