CVE-2018-7318

high-risk

Published 2018-02-22

SQL Injection exists in the CheckList 1.1.1 component for Joomla! via the title_search, tag_search, name_search, description_search, or filter_order parameter.

Do I need to act?

25.3% chance of exploitation in next 30 days

EPSS score — higher than 75% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

1 public exploit available

44163

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (4)

Checklist

Data Integrator

Affected Vendors

Oracle Belitsoft

References (4)

Exploit https://exploit-db.com/exploits/44163

Third Party Advisory https://www.oracle.com/security-alerts/cpujan2021.html

Exploit https://exploit-db.com/exploits/44163

Third Party Advisory https://www.oracle.com/security-alerts/cpujan2021.html

/ 100

high-risk

Severity 32/34 · Critical

Exploitability 15/34 · Moderate

Exposure 10/34 · Low