7.5
CVSSv2

CVE-2018-5993

Published: 17/02/2018 Updated: 01/03/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

SQL Injection exists in the Aist up to and including 2.0 component for Joomla! via the id parameter in a view=showvacancy request.

Affected Products

Vendor Product Versions
Aist ProjectAist2.0

Exploits

# # # # # Exploit Title: Joomla! Component Aist <= 20 - SQL Injection # Dork: N/A # Date: 16022018 # Vendor Homepage: aistbmsturu/ # Software Link: aistbmsturu/ # Version: <= 20 # Category: Webapps # Tested on: WiN7_x64/KaLiLinuX_x64 # CVE: CVE-2018-5993 # # # # # Exploit Author: Ihsan Sencan # # # # # # POC: # # 1) ...

Mailing Lists

Joomla! Aist component versions 20 and below suffer from a remote SQL injection vulnerability ...