Vulnerability Details CVE-2019-10123
SQL Injection in Advanced InfoData Systems (AIS) ESEL-Server 67 (which is the backend for the AIS logistics mobile app) allows an anonymous attacker to execute arbitrary code in the context of the user of the MSSQL database. The default user for the database is the 'sa' user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.727
EPSS Ranking 98.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2019-10123
-
cpe:2.3:h:ais:esel-server:-
-
cpe:2.3:o:ais:logistic_software:67