Back to CVE Browser

CVE-2018-13045

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0810%

EPSS Percentile14.69th

PublishedJan 2, 2019

Last ModifiedNov 21, 2024

Vulnerability Description

SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter.

Affected Platforms (CPE)

📦

Yeswiki

Cercopitheque

<= 2018-06-19-1

References & Advisories

🔗 http://packetstormsecurity.com/files/150848/Yeswiki-Cercopitheque-SQL-Injection.html

🔗 https://www.exploit-db.com/exploits/46015/

🔗 http://packetstormsecurity.com/files/150848/Yeswiki-Cercopitheque-SQL-Injection.html

🔗 https://www.exploit-db.com/exploits/46015/

Related Vulnerabilities

CVE-2018-10006419.8

YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i...

CVE-2018-487210.0

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006...

CVE-2018-409110.0

An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Sandbox" component. I...

CVE-2018-1071810.0

Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to...