Vulnerability Details CVE-2018-18804
Bakeshop Inventory System 1.0 has SQL injection via the login screen, related to include/publicfunction.vb.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.03
EPSS Ranking 86.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://packetstormsecurity.com/files/150012/Bakeshop-Inventory-System-In-VB.Net-MS-Access-Database-1.0-SQL-Injection.html
- https://www.exploit-db.com/exploits/45720/
- http://packetstormsecurity.com/files/150012/Bakeshop-Inventory-System-In-VB.Net-MS-Access-Database-1.0-SQL-Injection.html
- https://www.exploit-db.com/exploits/45720/
Products affected by CVE-2018-18804
-
cpe:2.3:a:bakeshop_inventory_system_project:bakeshop_inventory_system:1.0