Security Advisory

CVE-2018-18702

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-10-27 19:00:00

Last updated 2024-08-05 11:16:00

Assigner mitre

State PUBLISHED

Description

spider.admincp.php in iCMS v7.0.11 allows SQL injection via admincp.php?app=spider&do=import_rule because the upfile content is base64 decoded, deserialized, and used for database insertion.

← Browse all CVEs View on cve.org ↗