Vulnerability Details CVE-2018-18832
admin/check.asp in DKCMS 9.4 allows SQL Injection via an ASPSESSIONID cookie to admin/admin.asp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://blog.whiterabbitxyj.com/cve/DKCMS_9.4_sql_injection.doc
- https://github.com/WhiteRabbitc/WhiteRabbitc.github.io/blob/master/cve/DKCMS_9.4_sql_injection.doc
- https://blog.whiterabbitxyj.com/cve/DKCMS_9.4_sql_injection.doc
- https://github.com/WhiteRabbitc/WhiteRabbitc.github.io/blob/master/cve/DKCMS_9.4_sql_injection.doc