CVE-2018-18758

CRITICAL

Open Faculty Evaluation System - SQL Injection

Title source: rule

Open Faculty Evaluation System 7 for PHP 7 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18757.

exploitdb WORKING POC

by Ihsan Sencan · textwebappsphp

CVSS v3 9.8

EPSS 0.0069

EPSS Percentile 72.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-89

Status published

Products (1)

open_faculty_evaluation_system_project/open_faculty_evaluation_system 7

Published Jun 19, 2019

Tracked Since Feb 18, 2026