CyberSec.Space Logo
返回 CVE 浏览器

CVE-2018-13045

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0810%
EPSS Percentile14.69th
Published2019年1月2日
Last Modified2024年11月21日

Vulnerability Description

SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter.

Affected Platforms (CPE)

📦
Yeswiki

Cercopitheque

<= 2018-06-19-1

References & Advisories

🔗 http://packetstormsecurity.com/files/150848/Yeswiki-Cercopitheque-SQL-Injection.html
🔗 https://www.exploit-db.com/exploits/46015/
🔗 http://packetstormsecurity.com/files/150848/Yeswiki-Cercopitheque-SQL-Injection.html
🔗 https://www.exploit-db.com/exploits/46015/

相关漏洞威胁

CVE-2018-10006419.8

YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i...

CVE-2018-261110.0

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Service...

CVE-2018-010110.0

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could ...

CVE-2018-487210.0

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006...