CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-19925

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. It has SQL injection via the member/member_order.php type parameter, related to the O_state parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.7%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/Venan24/SCMS/issues/3
https://github.com/Venan24/SCMS/issues/3

Products affected by CVE-2018-19925

Sales & Company Management System Project » Sales & Company Management System » Version: N/A

cpe:2.3:a:sales_&_company_management_system_project:sales_&_company_management_system:-
Sales & Company Management System Project » Sales & Company Management System » Version: 2018-06-06

cpe:2.3:a:sales_&_company_management_system_project:sales_&_company_management_system:2018-06-06

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-19925

Products

Pricing

Contact Us