CVE-2018-25199 in OOP CMS BLOG정보

요약

\~에 의해 MITRE • 2026. 03. 06.

OOP CMS BLOG 1.0 contains SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through multiple parameters. Attackers can inject SQL commands via the search parameter in search.php, pageid parameter in page.php, and id parameter in posts.php to extract database information including table names, schema names, and database credentials.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

VulnCheck

예약하다

2026. 03. 06.

공개

2026. 03. 06.

모더레이션

수락

항목

VDB-349461

CPE

준비됨

CWE

CWE-89 (확인됨)

익스플로잇

다운로드

CVSS

9.8 (NVD)

EPSS

0.00237

KEV

아니요

활동

매우 낮음

부문

Education

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-25199
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-25199
CVE Details	https://www.cvedetails.com/cve/CVE-2018-25199/

◂ 이전 개요 다음 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!