7.5
CVSSv2

CVE-2018-19415

Published: 03/01/2019 Updated: 14/01/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple SQL injection vulnerabilities in Plikli CMS 4.0.0 allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to join_group.php or (2) comment_id parameter to story.php.

Vulnerability Trend

Affected Products

Vendor Product Versions
PlikliPlikli Cms4.0.0

Mailing Lists

Hello, We are glad to inform you about the vulnerabilities we reported in Plikli 400 Cross-site Scripting details: Advisory by Netsparker Name: Cross-site Scripting Vulnerabilities in Plikli CMS Affected Software: Plikli Affected Versions: 400 Homepage: wwwpliklicom/ Vulnerability: Cross-site Scripting Severity: High Status: Fixed ...