CVE-2018-17110

Publication date

2018-09-17 04:00:00

Family

mitre

State

PUBLISHED

Description

Simple POS 4.0.24 allows SQL Injection via a products/get_products/ columns[0][search][value] parameter in the management panel, as demonstrated by products/get_products/1.