CVE-2018-18804

EIP tracks 1 public exploit for CVE-2018-18804. PoCs published by Ihsan Sencan.

AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Bakeshop Inventory System 1.0, allowing authentication bypass via crafted input in the login form. The vulnerable code concatenates user input directly into a SQL query without sanitization.

Bakeshop Inventory System 1.0 has SQL injection via the login screen, related to include/publicfunction.vb.