CVE-2018-25202 in SAT CFDIالمعلومات

الملخص

بحسب MITRE • 26/03/2026

SAT CFDI 3.3 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the 'id' parameter in the signIn endpoint. Attackers can submit POST requests with boolean-based blind, stacked queries, or time-based blind SQL injection payloads to extract sensitive data or compromise the application.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulnCheck

حجز

26/03/2026

إفشاء

26/03/2026

الاعتدال

تمت الموافقة

إدخال

VDB-353581

CPE

جاهز

CWE

CWE-89 (مؤكد)

استغلال

تحميل

CVSS

8.2 (CNA)

EPSS

0.00050

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-25202
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-25202
CVE Details	https://www.cvedetails.com/cve/CVE-2018-25202/

التالي ▸نظرة عامة ◂ السابق

Might our Artificial Intelligence support you?

Check our Alexa App!