Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
ClipBucket Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2018-7666 - Vulnerability Database
ClipBucket

ClipBucket Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2018-7666

Critical
Reference: CVE-2018-7666
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-7666
Title: ClipBucket Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

An issue was discovered in ClipBucket before 4.0.0 Release 4902. SQL injection vulnerabilities exist in the actions/vote_channel.php channelId parameter the ajax/commonAjax.php email parameter and the ajax/commonAjax.php username parameter.