CVE-2018-12470 CRITICAL

CVE-2018-12470: SQL injection in RegistrationSharing module

Vendor Suse Linux

Product SMT

Weakness CWE-89 · SQLi

Published October 4, 2018

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

9.8/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A SQL Injection in the RegistrationSharing module of SUSE Linux SMT allows remote attackers to cause execute arbitrary SQL statements. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.

Key dates

02Disclosure timeline

October 4, 2018 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-12470

Related vulnerabilities

04Related CVE

CVE-2025-5729 code-projects Health Center Patient Record Management System birthing_record.php sql injection CVE-2019-25473 Clinic Pro SQL Injection via monthly_expense_overview month Parameter CVE-2023-4201 SourceCodester Inventory Management System ex_catagory_data.php sql injection CVE-2025-7402 Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager <= 4.95 - Unauthenticated SQL Injection via site_id CVE-2025-0344 leiyuxi cy-fast listData sql injection