CVE-2018-19925
CVE-2018-19925 affects the Sales & Company Management System (SCMS) up to 2018-06-06, with a SQL injection vulnerability in the member/member_order.php endpoint via the type parameter and related to O_state. Multiple connected sources (RH, CNVD, NVD, CVE listings) corroborate an SQL injection tha...