CVE-2018-8943
Description
There is a SQL injection in the PHPSHE 1.6 userbank parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
SQL injection in PHPSHE 1.6 via userbank parameter allows arbitrary SQL execution.
Vulnerability
The userbank parameter in PHPSHE 1.6 is vulnerable to SQL injection. The vulnerability exists in the code handling the userbank input, where insufficient sanitization allows an attacker to inject arbitrary SQL commands. No authentication is required to trigger the vulnerability. [1]
Exploitation
An attacker can exploit this by sending a crafted HTTP request with a malicious value in the userbank parameter. The injection occurs during database queries, enabling the attacker to retrieve or modify data. The attack does not require any special privileges or user interaction. [1]
Impact
Successful exploitation allows an attacker to perform arbitrary SQL queries, potentially leading to data leakage, data modification, or authentication bypass. The impact includes disclosure of sensitive information and potential compromise of the application's data integrity. [1]
Mitigation
As of the publication date (2018-03-22) and based on available references, no official patch or updated version has been released for PHPSHE 1.6. Users should consider upgrading to a later version if available or apply input validation filters to the userbank parameter. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.seebug.org/vuldb/ssvid-97123mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.