1. Home
  2. CVE Database
  3. CVE-2018-17843
CRITICAL · 9.8

CVE-2018-17843

SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Software 1.0, Level MLM Software 1.0, Singleleg MLM Software 1.0, Autopool MLM Software 1.0, Investment MLM Software 1.0, Bidding MLM ...

Vulnerability Description

SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Software 1.0, Level MLM Software 1.0, Singleleg MLM Software 1.0, Autopool MLM Software 1.0, Investment MLM Software 1.0, Bidding MLM Software 1.0, Moneyorder MLM Software 1.0, Repurchase MLM Software 1.0, and Gift MLM Software 1.0 via the member/readmsg.php msg_id parameter, the member/tree.php pid parameter, or the member/downline.php m_id parameter.

CVSS Score

9.8

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
MlmsoftwarezAdd Clicking Mlm Software1.0
MlmsoftwarezAutopool Mlm Software1.0
MlmsoftwarezBidding Mlm Software1.0
MlmsoftwarezBinary Mlm Software1.0
MlmsoftwarezGift Mlm Software1.0
MlmsoftwarezInvestmen Mlm Software1.0
MlmsoftwarezLevel Mlm Software1.0
MlmsoftwarezMoneyorder Mlm Software1.0
MlmsoftwarezRepurchase Mlm Software1.0
MlmsoftwarezSingleleg Mlm Software1.0

Related Weaknesses (CWE)

CWE-89

References

FAQ

What is CVE-2018-17843?

CVE-2018-17843 is a vulnerability with a CVSS score of 9.8 (CRITICAL). SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Software 1.0, Level MLM Software 1.0, Singleleg MLM Software 1.0, Autopool MLM Software 1.0, Investment MLM Software 1.0, Bidding MLM ...

How severe is CVE-2018-17843?

CVE-2018-17843 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2018-17843?

Check the references section above for vendor advisories and patch information. Affected products include: Mlmsoftwarez Add Clicking Mlm Software, Mlmsoftwarez Autopool Mlm Software, Mlmsoftwarez Bidding Mlm Software, Mlmsoftwarez Binary Mlm Software, Mlmsoftwarez Gift Mlm Software.