CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-7463

SQL injection vulnerability in files.php in the "files" component in ASANHAMAYESH CMS 3.4.6 allows a remote attacker to execute arbitrary SQL commands via the "id" parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://cxsecurity.com/issue/WLB-2018020278
https://cxsecurity.com/issue/WLB-2018020278

Products affected by CVE-2018-7463

Asanhamayesh » Asanhamayesh Cms » Version: 3.4.6

cpe:2.3:a:asanhamayesh:asanhamayesh_cms:3.4.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-7463

Products

Pricing

Contact Us