CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Rausoft: >> Id.prove Security Vulnerabilities

CVE-2018-16659

An issue was discovered in Rausoft ID.prove 2.95. The login page allows SQL injection via Microsoft SQL Server stacked queries in the Username POST parameter. Hypothetically, an attacker can utilize master..xp_cmdshell for the further privilege elevation.

CVSS Score

9.8

EPSS Score

0.011

Published

2018-09-28

Page 1

Vulnerabilities

Vulnerable Software

Rausoft: >> Id.prove Security Vulnerabilities

Products

Pricing

Contact Us