cvedb.io
CVE-2018-12977
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2018-07-09T18:29:00.450 · Last modified 2026-06-17T01:38:38.440

Summary

A SQL injection vulnerability in the SoftExpert (SE) Excellence Suite 2.0 allows remote authenticated users to perform SQL heuristics by pulling information from the database with the "cddocument" parameter in the "Downloading Electronic Documents" section.

Affected products

softexpert — excellence_suite

Does this affect you?

Add your gear to cvedb and we'll alert you only when softexpert ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.