Skip to main content

K Iwi

1 CVEs product

Monthly

CVE-2018-18755 CRITICAL POC Act Now

K-iwi Framework 1775 has SQL Injection via the admin/user/group/update user_group_id parameter or the admin/user/user/update user_id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi K Iwi
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
3.1%
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

K-iwi Framework 1775 has SQL Injection via the admin/user/group/update user_group_id parameter or the admin/user/user/update user_id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi K Iwi
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy