Sql injection

SQL injection vulnerability in the "ContentPlaceHolder1uxTitle" component in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote attacker to execute arbitrary SQL commands via the "id" parameter...

CVE-2018-18399

SQL injection vulnerability in the "ContentPlaceHolder1uxTitle" component in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote attacker to execute arbitrary SQL commands via the "id" parameter...

CVE-2018-18399

CVE-2018-18399 affects KARMA 6.0.0 (ArchiveNews.aspx, ContentPlaceHolder1_uxTitle). The vulnerability is a SQL injection in the id parameter that allows remote execution of arbitrary SQL commands. CVSS v3.0 base score 9.8 (CRITICAL; Network, no auth, UI=None). No remediation details are provided ...

CVE-2018-18399

SQL injection vulnerability in the "ContentPlaceHolder1uxTitle" component in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote attacker to execute arbitrary SQL commands via the "id" parameter...

KARMA 6.0.0 SQL Injection Vulnerability

Exploit for php platform in category web applications CWE-89 Use CVE-2018-18399. Credit: Ali Abdollahi Description: SQL injection vulnerability in the "ContentPlaceHolder1uxTitle" component in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote attacker to execute arbitrary SQL commands via th...

KARMA 6.0.0 SQL Injection

CWE-89 Use CVE-2018-18399. Credit: Ali Abdollahi Description: SQL injection vulnerability in the "ContentPlaceHolder1uxTitle" component in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote attacker to execute arbitrary SQL commands via the "id" parameter. Reference: https://jco.ir/...