CVE-2018-18450

apps\admin\controller\content\SingleController.php in PbootCMS before V1.3.0 build 2018-11-12 has SQL Injection, as demonstrated by the POST data to the admin.php/Single/mod/mcode/1/id/3 URI.
References
Link Resource
http://www.ttk7.cn/post-96.html Exploit Third Party Advisory
https://www.pbootcms.com/changelog.html Product Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:pbootcms:pbootcms:*:*:*:*:*:*:*:*

Information

Published : 2018-10-17 15:29

Updated : 2019-03-07 07:49


NVD link : CVE-2018-18450

Mitre link : CVE-2018-18450


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

pbootcms

  • pbootcms