Skip to main content
CVE-2021-3018 CRITICAL POC THREAT Act Now

ipeak Infosystems ibexwebCMS (aka IPeakCMS) 3.5 is vulnerable to an unauthenticated Boolean-based SQL injection via the id parameter on the /cms/print.php page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ipeakcms
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
19.5%
CVE-2021-3021 CRITICAL Act Now

ISPConfig before 3.2.2 allows SQL injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Ispconfig
NVD
CVSS 3.1
9.8
EPSS
2.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy