MidnightBSD

Advisories for tecdiary

CVE-2018-17110 HIGH

Simple POS 4.0.24 allows SQL Injection via a products/get_products/ columns[0][search][value] parameter in the management panel, as demonstrated by products/get_products/1.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
tecdiary simple_pos 4.0.24