CVE-2018-20730

CVE-2018-20730

EPSS 1.2%

A SQL injection vulnerability in NeDi before 1.7Cp3 allows any user to execute arbitrary SQL read commands via the query.php component.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.nedi.ch/end-of-year-update/https://www.sakerhetskontoret.com/disclosures/nedi/report.html