CVE-2018-19462

admindbDoSql.php in EmpireCMS through 7.5 allows remote attackers to execute arbitrary PHP code via SQL injection that uses a .php filename in a SELECT INTO OUTFILE statement to admin/admin.php.
Configurations

Configuration 1

cpe:2.3:a:phome:empirecms:*:*:*:*:*:*:*:*

Information

Published : 2019-06-07 05:29

Updated : 2020-08-24 05:37


NVD link : CVE-2018-19462

Mitre link : CVE-2018-19462

Products Affected
No products.
CWE