Critical severity9.8NVD Advisory· Published Nov 29, 2018· Updated Jun 17, 2026
CVE-2018-18619
CVE-2018-18619
Description
internal/advanced_comment_system/admin.php in Advanced Comment System 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query, allowing remote attackers to execute the sqli attack via a URL in the "page" parameter. NOTE: The product is discontinued.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 1.0
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/150261/Advanced-Comment-System-1.0-SQL-Injection.htmlnvdExploitThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2018/Nov/30nvdExploitMailing ListThird Party Advisory
- www.exploit-db.com/exploits/45853/nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.