E18-0pq62
CVSS:
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
1
Year:
2018
Description
This strike exploits an Time-Based SQL injection vulnerability in iCMS v7.0.8. The vulnerability is caused by insufficient validation of user input on HTTP requests which are used to create SQL queries. Successful exploitation could allow an attacker to trigger a denial-of-service on the target server for a short period.