Oracle Retail Central Office CVE-2013-2397 SQL Injection Vulnerability
Oracle Retail Central Office is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This vulnerability affects the following supported versions:
13.1, 13.2, 13.3, 13.4