Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2018-18399

Publish Date: 17 Dec 2018

Source

                							

                CWE-89
Use CVE-2018-18399.

Credit: Ali Abdollahi
Description:
SQL injection vulnerability in the  "ContentPlaceHolder1_uxTitle" component
in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote attacker to
execute arbitrary SQL commands via the "id" parameter.

 Reference:
&gt; https://jco.ir/
&gt; http://yon.ir/pHjDN

&gt;
https://jco.ir/Product/Details/1054/%D8%B3%D8%A7%D9%85%D8%A7%D9%86%D9%87%20%D9%86%D8%B1%D9%85%20%D8%A7%D9%81%D8%B2%D8%A7%D8%B1%DB%8C%20%D9%86%D8%B8%D8%A7%D9%85%20%D9%BE%D8%B0%DB%8C%D8%B1%D8%B4%20%D9%88%20%D8%A8%D8%B1%D8%B1%D8%B3%DB%8C%20%D9%BE%DB%8C%D8%B4%D9%86%D9%87%D8%A7%D8%AF%D9%87%D8%A7%DB%8C%20%DA%A9%D8%A7
<p>

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

KARMA 6.0.0 SQL Injection

Vulmon Search

About

Products

Connect