Shodan
Maps
Images
Monitor
Developer
More...
Dashboard
View Api Docs
Vulnerabilities
By Date
Known Exploited
Advanced Search
Vulnerable Software
Vendors
Products
Vulnerability Details CVE-2018-18476
mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns.
Exploit prediction scoring system (EPSS) score
EPSS Score
0.003
EPSS Ranking
53.4%
CVSS Severity
CVSS v3 Score
9.8
CVSS v2 Score
7.5
References
https://gist.github.com/viraptor/881276ea61e8d56bac6e28454c79f1e6
https://github.com/nedap/mysql-binuuid-rails/pull/18
https://gist.github.com/viraptor/881276ea61e8d56bac6e28454c79f1e6
https://github.com/nedap/mysql-binuuid-rails/pull/18
Products affected by CVE-2018-18476
Nedap
»
Mysql-Binuuid-Rails
»
Version:
1.0.0
cpe:2.3:a:nedap:mysql-binuuid-rails:1.0.0
Nedap
»
Mysql-Binuuid-Rails
»
Version:
1.1.0
cpe:2.3:a:nedap:mysql-binuuid-rails:1.1.0
Products
Monitor
Search Engine
Developer API
Maps
Bulk Data
Images
Snippets
Pricing
Membership
API Subscriptions
Enterprise
Contact Us
support@shodan.io
Shodan ® - All rights reserved