CVE-2018-18399

SQL injection vulnerability in the "ContentPlaceHolder1_uxTitle" component in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote attacker to execute arbitrary SQL commands via the "id" parameter.
References
Configurations

Configuration 1

cpe:2.3:a:jco:karma:6.0.0:*:*:*:*:*:*:*

Information

Published : 2018-12-20 11:29

Updated : 2019-01-09 03:31


NVD link : CVE-2018-18399

Mitre link : CVE-2018-18399

Products Affected
No products.
CWE