RSS   Vulnerabilities for 'Karma'   RSS

2018-12-20
 
CVE-2018-18399

CWE-89
 

 
SQL injection vulnerability in the "ContentPlaceHolder1_uxTitle" component in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote attacker to execute arbitrary SQL commands via the "id" parameter.

 


Copyright 2019, cxsecurity.com

 

Back to Top