2017-10-23 10:29:00 2017-10-31 22:58:18

SQL Injection exists in E-Sic 1.0 via the f parameter to esiclivre/restrito/inc/buscacep.php (aka the zip code search script).