Filtered by vendor Rausoft
Subscribe
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-16659 | 1 Rausoft | 1 Id.prove | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Rausoft ID.prove 2.95. The login page allows SQL injection via Microsoft SQL Server stacked queries in the Username POST parameter. Hypothetically, an attacker can utilize master..xp_cmdshell for the further privilege elevation. | |||||