mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
774 B
774 B
CVE-2018-18399
Description
SQL injection vulnerability in the "ContentPlaceHolder1_uxTitle" component in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote attacker to execute arbitrary SQL commands via the "id" parameter.
POC
Reference
- http://packetstormsecurity.com/files/150810/KARMA-6.0.0-SQL-Injection.html
- http://packetstormsecurity.com/files/150810/KARMA-6.0.0-SQL-Injection.html
Github
No PoCs found on GitHub currently.