Lucene search
PRIOn knowledge basePRION:CVE-2018-17796HistorySep 30, 2018 - 8:29 p.m.
Sql injection
2018-09-3020:29:00
PRIOn knowledge base
www.prio-n.com
3
0.002 Low
EPSS
Percentile
56.0%
An issue was discovered in MRCMS (aka mushroom) through 3.1.2. The WebParam.java file directly accepts the FIELD_T parameter in a request and uses it as a hash of SQL statements without filtering, resulting in a SQL injection vulnerability in getChannel() in the ChannelService.java file.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mushroom_content_management_system | le | 3.1.2 |
References
Related
cve
cve
CVE-2018-17796
2018-09-30 20:29:00
osv
osv
CVE-2018-17796
2018-09-30 20:29:00
cvelist
cvelist
CVE-2018-17796
2018-09-30 20:00:00
nvd
nvd
CVE-2018-17796
2018-09-30 20:29:00