CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2018-13045

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0810%
EPSS Percentile14.69th
Published2019年1月2日
Last Modified2024年11月21日

Vulnerability Description

SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter.

Affected Platforms (CPE)

📦
Yeswiki

Cercopitheque

<= 2018-06-19-1

References & Advisories

🔗 http://packetstormsecurity.com/files/150848/Yeswiki-Cercopitheque-SQL-Injection.html
🔗 https://www.exploit-db.com/exploits/46015/
🔗 http://packetstormsecurity.com/files/150848/Yeswiki-Cercopitheque-SQL-Injection.html
🔗 https://www.exploit-db.com/exploits/46015/

相關漏洞威脅

CVE-2018-10006419.8

YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i...

CVE-2018-1071810.0

Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to...

CVE-2018-022210.0

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to log in to an...

CVE-2018-026810.0

A vulnerability in the container management subsystem of Cisco Digital Network Architecture (DNA) Center could allow an unauthenti...