CVE-2018-16445: SQL Injection
First published: Tue Sep 04 2018(Updated: )
An issue was discovered in SeaCMS through 6.61. SQL injection exists via the tid parameter in an adm1n/admin_topic_vod.php request.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Seacms Seacms | <=6.61 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2018-16445.
What is the severity level of CVE-2018-16445?
CVE-2018-16445 has a severity level of critical.
How does the SQL injection occur in CVE-2018-16445?
SQL injection occurs via the tid parameter in an adm1n/admin_topic_vod.php request in CVE-2018-16445.
What is the affected software version for CVE-2018-16445?
The affected software version for CVE-2018-16445 is SeaCMS up to and including version 6.61.
Is there a fix available for CVE-2018-16445?
Yes, a fix is available for CVE-2018-16445. It is recommended to update to a version of SeaCMS that is not affected by the vulnerability.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/seacms
- canonical/seacms seacms
- version/seacms seacms/6.61