CVE-2018-25338 – Zechat 1.5 SQL Injection via hashtag parameter

admin
May 17, 2026
Wire

CVE ID :CVE-2018-25338

Published : May 17, 2026, 1:16 p.m. | 5 hours, 42 minutes ago

Description :Zechat 1.5 contains a SQL injection vulnerability in the hashtag parameter that allows unauthenticated attackers to extract database information using union-based techniques. Attackers can exploit the hashtag parameter with union-based payloads to retrieve table and column names.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… To Read More Visit Read More

Related Posts

CVE-2026-9051 – Authentication Bypass Vulnerability in NI SystemLink Enterprise

CVE-2026-49367 – JetBrains IntelliJ IDEA Command Execution Vulnerability

CVE-2026-47744 – Shopper: Authorization bypass and RBAC privilege escalation in team settings