High severity7.2NVD Advisory· Published Jun 7, 2019· Updated Jun 17, 2026
CVE-2018-19462
CVE-2018-19462
Description
admin\db\DoSql.php in EmpireCMS through 7.5 allows remote attackers to execute arbitrary PHP code via SQL injection that uses a .php filename in a SELECT INTO OUTFILE statement to admin/admin.php.
Affected products
2- EmpireCMS/EmpireCMSdescription
- Range: <=7.5
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.