CVE-2018-5972

CRITICAL

Classified Ads CMS Quickad 4.0 - SQL Injection

Title source: llm

Description

SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat parameter to the listing URI.

Exploits (1)

exploitdb WORKING POC
by Ihsan Sencan · textwebappsphp
https://www.exploit-db.com/exploits/43868

References (1)

Scores

CVSS v3 9.8
EPSS 0.0165
EPSS Percentile 82.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
quickad_project/quickad 4.0
Published Jan 24, 2018
Tracked Since Feb 18, 2026