CVE-2018-16659
CVE-2018-16659 affects Rausoft ID.prove 2.95. The login page is vulnerable to SQL injection in the Username POST parameter through stacked Microsoft SQL Server queries. Root cause: improper handling allowing stacked queries that can lead to command execution via master..xp_cmdshell. Documented im...