VYPR
Critical severity9.8NVD Advisory· Published Oct 18, 2018· Updated Jun 17, 2026

CVE-2018-18488

CVE-2018-18488

Description

In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids[] parameter.

Affected products

2
  • Gxlcms/Gxlcmsinferred2 versions
    = 2.0+ 1 more
    • (no CPE)range: = 2.0
    • (no CPE)range: =2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.