CVE-2018-18758
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-18758
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Open Faculty Evaluation System 7 for PHP 7 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18757.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Open Faculty Evaluation System SQL注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Open Faculty Evaluation System是一套基于PHP和MySQL的教师评估系统。该系统提供基于Web的图形报告和Excel文件报告,并支持学生对教师科目评级。 Open Faculty Evaluation System 7版本(PHP 7)中的submit_feedback.php文件存在SQL注入漏洞。该漏洞源于基于数据库的应用缺少对外部输入SQL语句的验证。攻击者可利用该漏洞执行非法SQL命令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2018-18758
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-18758
请登录查看更多情报信息。
- https://www.exploit-db.com/author/?a=8844x_refsource_MISC
- https://www.exploit-db.com/exploits/45707x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2018-18758
Same Patch Batch · n/a · 2019-06-19 · 86 CVEs total
| CVE-2018-17386 | Joomla! Micro Deal Factory SQL注入漏洞 | |
| CVE-2018-17148 | Nagios XI 访问控制错误漏洞 | |
| CVE-2018-17374 | Joomla! Auction Factory SQL注入漏洞 | |
| CVE-2018-17146 | Nagios XI 跨站脚本漏洞 | |
| CVE-2018-16613 | WordPress wpForo Forum插件权限许可和访问控制问题漏洞 | |
| CVE-2019-12890 | RedwoodHQ 访问控制错误漏洞 | |
| CVE-2018-16595 | Sony Bravia TV Photo Sharing Plus 缓冲区错误漏洞 | |
| CVE-2018-16594 | Sony Bravia TV Photo Sharing Plus 路径遍历漏洞 | |
| CVE-2018-16593 | Sony Bravia TV Photo Sharing Plus 命令操作系统命令注入漏洞 | |
| CVE-2018-16618 | VTech Storio Max 命令注入漏洞 | |
| CVE-2018-17381 | Joomla! Dutch Auction Factory组件SQL注入漏洞 | |
| CVE-2018-17387 | Nimble Messaging Bulk SMS Marketing Application 跨站请求伪造漏洞 | |
| CVE-2019-9763 | Openfind Mail2000 跨站脚本漏洞 | |
| CVE-2018-17388 | Twilio WEB To Fax Machine System SQL注入漏洞 | |
| CVE-2018-17389 | Live Call Support Application 跨站请求伪造漏洞 | |
| CVE-2019-11233 | EXCELLENT INFOTEK BiYan 信息泄露漏洞 | |
| CVE-2019-11232 | EXCELLENT INFOTEK BiYan 信任管理问题漏洞 | |
| CVE-2018-17393 | HealthNode Hospital Management System SQL注入漏洞 | |
| CVE-2018-17398 | Joomla! AMGallery组件SQL注入漏洞 | |
| CVE-2018-17399 | Joomla! Jimtawl SQL注入漏洞 |
Showing top 20 of 86 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8747
Z-BlogPHP Commend Approval c_system_event.php CheckComment i - CVE-2026-8746
Open5GS NRF nghttp2-server.c discover_handler use after free - CVE-2026-8745
Open5GS AUSF nausf-handler.c ogs_timer_add denial of service - CVE-2026-8744
Open5GS NRF context.c ogs_sbi_nf_service_add denial of servi - CVE-2026-8743
Open5GS AMF/MME context.c ran_ue_find_by_amf_ue_ngap_id impr
V. Comments for CVE-2018-18758
No comments yet