Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2018-7318SQL Injection in Checklist

CWE-89SQL Injection4 documents4 sources
Severity
9.8CRITICALNVD
EPSS
25.3%
top 3.79%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Belitsoft ChecklistOracle Data Integrator
Timeline
PublishedFeb 22
Latest updateMay 13

Description

SQL Injection exists in the CheckList 1.1.1 component for Joomla! via the title_search, tag_search, name_search, description_search, or filter_order parameter.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDoracle/data_integrator11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0+2

🔴Vulnerability Details

2
GHSA
GHSA-hq96-92r9-qj27: SQL Injection exists in the CheckList 12022-05-13
CVEList
CVE-2018-7318: SQL Injection exists in the CheckList 12018-02-22

💥Exploits & PoCs

1
Exploit-DB
Joomla! Component CheckList 1.1.1 - SQL Injection2018-02-22
CVE-2018-7318 — SQL Injection in Belitsoft Checklist | cvebase