What is CVE-2021-3018?

CVE-2021-3018 is a vulnerability in N/a. Published 2021-01-05.

Is CVE-2021-3018 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2021-3018

ipeak Infosystems ibexwebCMS (aka IPeakCMS) 3.5 is vulnerable to an unauthenticated Boolean-based SQL injection via the id parameter on the /cms/print.php page.

EPSS: 0.793 (99.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cvemon

References

m4dm0e.github.io/2020/12/07/ipeak-cms-sqli.html (x_refsource_MISC)
github.com/M4DM0e/m4dm0e.github.io/blob/gh-pages/_posts/2020-12-07-ipeak-cms-sq… (x_refsource_MISC)
www.amario.ch/cms/ (x_refsource_MISC)
ipeak.ch (x_refsource_MISC)
packetstormsecurity.com/files/160815/IPeakCMS-3.5-SQL-Injection.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-3018?: CVE-2021-3018 is a vulnerability in N/a. Published 2021-01-05.
Is CVE-2021-3018 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.