Oempro 4.7 and 4.8
Octeth Oempro 4.7 and 4.8 allows SQL injection.
[Additional Information] I've found a SQL injection in Oempro 4.7. The parameter "CampaignID" in "Campaign.Get" is vulnerable to SQL Injection attacks.
[VulnerabilityType Other] SQL injection
[Vendor of Product] Octeth
[Affected Product Code Base] Oempro - 4.7
Oempro - 4.8
[Reference] https://www2.octeth.com/blog/
[Researcher] Bruno de Barros Bulle