Unrated severityNVD Advisory· Published Oct 27, 2018· Updated Aug 5, 2024
CVE-2018-18702
CVE-2018-18702
Description
spider.admincp.php in iCMS v7.0.11 allows SQL injection via admincp.php?app=spider&do=import_rule because the upfile content is base64 decoded, deserialized, and used for database insertion.
Affected products
1- Range: = 7.0.11
Patches
Vulnerability mechanics
References
1- github.com/idreamsoft/iCMS/issues/42mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.