4 matches found
CVE-2018-17110
Simple POS 4.0.24 allows SQL Injection via a products/getproducts/ columns0searchvalue parameter in the management panel, as demonstrated by products/getproducts/1...
Sql injection
Simple POS 4.0.24 allows SQL Injection via a products/getproducts/ columns0searchvalue parameter in the management panel, as demonstrated by products/getproducts/1...
CVE-2018-17110
Simple POS 4.0.24 allows SQL Injection via a products/getproducts/ columns0searchvalue parameter in the management panel, as demonstrated by products/getproducts/1...
CVE-2018-17110
CVE-2018-17110 affects Simple POS, version 4.0.24, by allowing SQL Injection through the management panel's products/get_products/1 URL with the columns[0][search][value] parameter. The vulnerability targets the get_products function (columns[0][search][value]) enabling injection and is evidenced...