CVE-2019-25299

Name of the Vulnerable Software and Affected Versions RimbaLinux AhadPOS version 1.11

Description An issue exists where crafted POST requests can manipulate database queries via the alamatCustomer parameter. This allows for the use of time-based and boolean-based blind SQL injection techniques to extract information or interact with the underlying database.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.