Unauthenticated SQL Injection Vulnerability in CMG Suite 8.4 SP2 and Earlier
CVE-2018-18285 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the login interface. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts.
Learn more about our Web Application Penetration Testing UK.