CVE-2018-17110

Simple POS 4.0.24 allows SQL Injection via a products/get_products/ columns[0][search][value] parameter in the management panel, as demonstrated by products/get_products/1.
References
Link Resource
https://www.exploit-db.com/exploits/45328/ Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:tecdiary:simple_pos:4.0.24:*:*:*:*:*:*:*

Information

Published : 2018-09-17 04:29

Updated : 2018-11-09 06:58


NVD link : CVE-2018-17110

Mitre link : CVE-2018-17110

Products Affected
No products.
CWE