CVE-2018-19061: SQL Injection
First published: Wed Nov 07 2018(Updated: )
DedeCMS 5.7 SP2 has SQL Injection via the dede\co_do.php ids parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dedecms v6 | =5.7-sp2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-19061?
CVE-2018-19061 has a medium severity level due to its potential impact on database security.
How do I fix CVE-2018-19061?
To fix CVE-2018-19061, update DedeCMS to the latest version or apply security patches that address SQL injection vulnerabilities.
What are the potential impacts of CVE-2018-19061?
The potential impacts of CVE-2018-19061 include unauthorized access to sensitive data and manipulation of database content.
Is CVE-2018-19061 specific to any version of DedeCMS?
Yes, CVE-2018-19061 specifically affects DedeCMS version 5.7 SP2.
Are there any known exploits for CVE-2018-19061?
Yes, there have been reports of active exploitation of CVE-2018-19061, emphasizing the need for immediate remediation.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dedecms
- canonical/dedecms v6
- version/dedecms v6/5.7-sp2