EUVD-2018-21644

Facturation System 1.0 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'modid' parameter. Attackers can send POST requests to the editarproducto.php endpoint with crafted SQL payloads in the modid...

CVE-2018-25191

Facturation System 1.0 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'modid' parameter. Attackers can send POST requests to the editarproducto.php endpoint with crafted SQL payloads in the modid...

CVE-2018-25191 Facturation System 1.0 SQL Injection via editar_producto.php

Facturation System 1.0 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'modid' parameter. Attackers can send POST requests to the editarproducto.php endpoint with crafted SQL payloads in the modid...

CVE-2018-25191

Facturation System 1.0 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'modid' parameter. Attackers can send POST requests to the editarproducto.php endpoint with crafted SQL payloads in the modid...

CVE-2018-25191

CVE-2018-25191 affects Facturation System 1.0. It describes an SQL injection in the editar_producto.php endpoint, exploitable by authenticated attackers via POST requests that submit crafted payloads in the mod_id parameter. The vulnerability allows extraction of sensitive data (usernames, databa...