Vulnerabilities > Tecdiary > Simple POS > High

DATE CVE VULNERABILITY TITLE RISK
2018-09-17 CVE-2018-17110 SQL Injection vulnerability in Tecdiary Simple POS 4.0.24
Simple POS 4.0.24 allows SQL Injection via a products/get_products/ columns[0][search][value] parameter in the management panel, as demonstrated by products/get_products/1.
network
low complexity
tecdiary CWE-89
7.5
7.5