Critical severity9.8NVD Advisory· Published May 26, 2018· Updated Jun 17, 2026

CVE-2018-6411

Description

An issue was discovered in Appnitro MachForm before 4.2.3. When the form is set to filter a blacklist, it automatically adds dangerous extensions to the filters. If the filter is set to a whitelist, the dangerous extensions can be bypassed through ap_form_elements SQL Injection.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Appnitro/MachFormllm-create
Range: <4.2.3

Patches

Vulnerability mechanics

References

metalamin.github.io/MachForm-not-0-day-EN/nvdExploitThird Party Advisory
www.exploit-db.com/exploits/44804/nvdExploitThird Party AdvisoryVDB Entry
www.machform.com/blog-machform-423-security-release/nvdRelease NotesVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.005
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000