CVE-2018-17110

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0200%

EPSS Percentile29.28th

PublishedSep 17, 2018

Last ModifiedNov 21, 2024

Vulnerability Description

Simple POS 4.0.24 allows SQL Injection via a products/get_products/ columns[0][search][value] parameter in the management panel, as demonstrated by products/get_products/1.

Affected Platforms (CPE)

📦

Tecdiary

Simple Pos

= 4.0.24

References & Advisories

🔗 https://www.exploit-db.com/exploits/45328/

Related Vulnerabilities

CVE-2021-414929.8

Multiple SQL Injection vulnerabilities exist in Sourcecodester Simple Cashiering System (POS) 1.0 via the (1) Product Code in the ...

CVE-2018-261110.0

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Service...

CVE-2018-010110.0

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could ...

CVE-2018-487210.0

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006...