WebEOC contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to multiple unspecified scripts not properly sanitizing user-supplied input. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database. No further details have been provided.
Upgrade to version 6.0.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.