01 Oct 2018
CVE-2018-17831 - CVE Vulnerability
In REDAXO before 5.6.3, a critical SQL injection vulnerability has been discovered in the rex_list class because of the prepareQuery function in core/lib/list.php, via the index.php?page=users/users sort parameter. Endangered was the backend and the frontend only if rex_list were used. (CVSS:0.0) (Last Update:2018-10-01)
Vulnerability Details : In REDAXO before 5.6.3, a critical SQL injection vulnerability has been discovered in the rex_list class because of the prepareQuery function in core/lib/list.php, via the index.php?page=users/users sort parameter. Endangered was the backend and the frontend only if rex_list were used. Publish Date : 2018-10-01 Last Update Date : 2018-10-01 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2018-17831
- References For CVE-2018-17831
| ||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2018-17831There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |