CVE-2018-6367
CVE-2018-6367 is a confirmed SQL injection in the Vastal I-Tech Buddy Zone Facebook Clone version 2.9.9. The vulnerability is triggered via the /chat_im/chat_window.php with the request_id parameter or via the /search_events.php with the category parameter. The NVD entry reports a CVSS v3.0 base ...